Network flow anomaly detection method based on intuitionistic fuzzy time series graph mining

A technology of time series and network traffic, applied in data mining, visual data mining, structured data retrieval, etc., can solve problems such as inaccurate prediction results, failure to consider the relationship between vertices in the graph, and insufficient consideration

Active Publication Date: 2020-07-28
AIR FORCE UNIV PLA
View PDF3 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The first two methods do not consider the relationship between the vertices in the graph, and the third method does not consider the relationship between the vertices in the graph comprehensively.
To sum up, most of the current existing methods ...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network flow anomaly detection method based on intuitionistic fuzzy time series graph mining
  • Network flow anomaly detection method based on intuitionistic fuzzy time series graph mining
  • Network flow anomaly detection method based on intuitionistic fuzzy time series graph mining

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0070] The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments.

[0071] The present invention uses Intuitionistic Fuzzy Time Series (IFTS) prediction to solve the typical fuzzy time series problem of traffic anomaly detection, and comprehensively utilizes information entropy theory and graph mining technology to propose a network traffic anomaly detection based on IFTS graph mining method. This method introduces frequent subgraph mining technology to mine frequent subgraphs at each moment, establishes abnormal vectors to represent the abnormal situation of network traffic at this moment, and obtains its dynamic threshold by fitting and analyzing the distance between abnormal vectors, so as to carry out Judgment of network anomalies.

[0072] The present invention first uses information entropy to quantify the five-dimensional attributes of network traffic data, respectively establishes a heuristic...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network flow anomaly detection method based on intuitionistic fuzzy time series graph mining. The method comprises the following steps: step 1, constructing an IFTS graph; step 2, IFTS graph mining; and step 3, determining an anomaly judgment criterion. The method has the beneficial effects that an intuitionistic fuzzy time sequence diagram is constructed, so that the vertex relationship information in the diagram is comprehensively mined and fully utilized, and the network traffic abnormality can be more accurately detected. The method firstly converts original one-dimensional network flow prediction into more accurate five-dimensional prediction by combining information entropy and an IFTS prediction technology; in addition, heuristic variable-order IFTS prediction not only has efficient prediction performance on an incomplete data set, but also can enable a prediction result to be closer to reality. A complete graph established by using a more accurate prediction result can reflect the change of the flow attribute more accurately, so that a more accurate exception report is obtained through frequent sub-graph mining.

Description

technical field [0001] The invention belongs to the technical field of data mining, and in particular relates to a method for detecting abnormal network traffic. Background technique [0002] A network traffic anomaly is a situation where the behavior of traffic in a network deviates from its normal behavior. In order to ensure the security and stability of the network and maintain its efficient operation, network managers need to adopt appropriate technologies to describe and analyze possible anomalies in the network and give early warnings. This is network traffic anomaly detection. With the rapid development and wide application of Internet technology, various network attack technologies emerge in an endless stream, and new network security issues continue to emerge. Therefore, traffic anomaly detection technology has also become a hot spot that has always been concerned and researched. been applied to this field. [0003] At present, the commonly used methods mainly in...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F16/26H04L29/06
CPCG06F16/26H04L63/1425G06F2216/03Y02D30/50
Inventor 王亚男宋亚飞王坚路艳丽权文
Owner AIR FORCE UNIV PLA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap