Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
A technology of abnormal flow and detection system, applied in transmission systems, instruments, biological neural network models, etc., can solve the problems that flow data cannot be well divided into data, reduce detection accuracy, increase calculation loss, etc.
Pending Publication Date: 2020-10-27
SHANGHAI JIAO TONG UNIV +1
View PDF6 Cites 22 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
Considering the huge data volume of network traffic in the ubiquitous power Internet of Things system, using the original traffic features for classification and recognition will increase the calculation loss on the one hand, and on the ...
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0057] The abnormal traffic detection system provided according to the present invention includes:
[0058] Traffic feature analysis and selection module: filter the traffic features according to the traffic characteristics of the ubiquitous power Internet of Things, and use the KPCA algorithm to reduce the dimensionality of the traffic features;
[0059] Traffic benchmark model construction module: extract the traffic features after dimensionality reduction, construct a restricted Boltzmann machine model based on the RBM model and SOM clustering algorithm and conduct training, and complete the construction of the benchmark model;
[0060] Traffic benchmark model training module: according to the contrastive divergence algorithm, the abnormality of the trained benchmark model is divided into normal benchmark model and abnormal benchmark model;
[0061] Abnormal traffic detection module: extract and calculate the traffic characteristics to be detected, and detect abnormal traff...
Embodiment 2
[0066] Such as figure 1 As shown, this embodiment specifically includes the following steps: traffic feature analysis and selection, traffic benchmark model construction, traffic benchmark model training, and abnormal traffic detection.
[0067] First of all, when analyzing and selecting traffic characteristics, the data response time in the ubiquitous power Internet of Things system is short, the network data has obvious periodicity and timing, the IP address is relatively fixed, and the length of the message data is short and the length is within a certain range. , high frequency of data transmission, specific network protocol and other characteristics, from the perspective of actual network characteristics, initially select source IP address, destination IP address, source port, destination port, traffic response time, function information field and other characteristics as the traffic characteristics to be selected .
[0068] The service types of the traffic data include ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
PUM
Login to view more
Abstract
The invention provides an abnormal flow detection system and method, and the system comprises a flow feature analysis and selection module which screens flow features according to the flow features ofa ubiquitous power IOT, and carries out the dimension reduction of the flow features through a KPCA algorithm; a flow reference model construction module which is used for extracting flow characteristics after dimension reduction, constructing a restricted Boltzmann machine model based on an RBM model and an SOM clustering algorithm and training to complete construction of a reference model; a flow benchmark model training module which is used for carrying out anomaly degree division on the trained benchmark model according to a comparison divergence degree algorithm, and dividing the benchmark model into a normal benchmark model and an abnormal benchmark model; and an abnormal flow detection module which is used for extracting and calculating flow characteristics to be detected, and carrying out abnormal flow detection according to the similarity between the output of the reference model and the original input characteristic data. According to the invention, the automatic category labeling of the traffic data can be completed, and the network traffic anomaly detection accuracy is relatively high.
Description
technical field [0001] The invention relates to the technical field of network intrusion detection, in particular to a system and method for detecting abnormal traffic. In particular, it relates to an abnormal traffic detection system based on a restricted Boltzmann machine model and a SOM clustering algorithm. Background technique [0002] Network traffic anomaly detection is an important technical protection method for the ubiquitous power Internet of Things system, and its main implementation method is to use the network traffic anomaly detection technology based on the benchmark model. Specifically, different types of benchmark models are established according to the characteristics of historical traffic, and whether abnormalities occur are judged by matching real-time traffic with each benchmark model. With its excellent generalization and robustness, the machine learning model has gradually become the preferred solution of the benchmark model. However, the machine le...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to view more 
Login to view more