To improve the identification of abnormal traffic in ship communication networks, a data-mining-based method for identifying abnormal traffic in ship communication networks is proposed. Network traffic features are obtained through frequency statistics and the K-means clustering algorithm. A cluster truncation threshold and an error truncation threshold are determined by an inflection-point comprehensive decision mechanism. Traffic whose feature count is below the cluster truncation threshold and traffic whose identification error is greater than the error threshold form the suspicious communication network traffic sets; traffic that appears in both sets at the same time is the abnormal communication network traffic. Experiments show that the method effectively determines the cluster truncation threshold and the identification-error truncation threshold, and identifies abnormal communication network traffic with high accuracy.
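The two-set rule described in the abstract, as an added Python illustration that is not the paper's code. It assumes "feature count" means the number of flows in a flow's K-means cluster and "identification error" means distance to the cluster centroid, and it substitutes a largest-gap cut for the inflection-point mechanism, whose details this page does not give; the flows are constructed.

```python
import math

# Constructed sample: normalised (rate, size) features, one tuple per flow.
FLOWS = [(1.0, 1.0), (1.1, 0.9), (0.9, 1.1), (1.2, 1.0), (0.8, 1.0), (1.0, 1.2),
         (1.0, 0.8), (1.1, 1.1),
         (1.0, 2.0),                          # common cluster, but loose fit
         (5.0, 5.0), (5.1, 4.9), (4.9, 5.1), (5.2, 5.0), (4.8, 5.0), (5.0, 5.2),
         (9.0, 1.0), (9.0, 3.0)]              # rare cluster and loose fit

def kmeans(points, k, rounds=20):
    """Lloyd's algorithm with deterministic farthest-point seeding."""
    cents = [points[0]]
    while len(cents) < k:
        cents.append(max(points, key=lambda p: min(math.dist(p, c) for c in cents)))
    for _ in range(rounds):
        labels = [min(range(k), key=lambda j: math.dist(p, cents[j])) for p in points]
        for j in range(k):
            members = [p for p, l in zip(points, labels) if l == j]
            if members:
                cents[j] = tuple(sum(x) / len(members) for x in zip(*members))
    return labels, cents

def gap_threshold(values):
    """Assumed stand-in for the inflection-point rule: cut at the midpoint
    of the largest jump between consecutive sorted values."""
    s = sorted(values)
    i = max(range(len(s) - 1), key=lambda i: s[i + 1] - s[i])
    return (s[i] + s[i + 1]) / 2

def detect(points, k=3):
    labels, cents = kmeans(points, k)
    sizes = [labels.count(j) for j in range(k)]
    errors = [math.dist(p, cents[l]) for p, l in zip(points, labels)]
    size_cut, err_cut = gap_threshold(sizes), gap_threshold(errors)
    # Suspicious set 1: flows in clusters smaller than the cluster threshold.
    rare = {i for i, l in enumerate(labels) if sizes[l] < size_cut}
    # Suspicious set 2: flows whose error exceeds the error threshold.
    loose = {i for i, e in enumerate(errors) if e > err_cut}
    # Abnormal traffic: flows present in both suspicious sets.
    return rare, loose, rare & loose

if __name__ == "__main__":
    rare, loose, abnormal = detect(FLOWS)
    print("small-cluster set:", sorted(rare))
    print("high-error set:   ", sorted(loose))
    print("abnormal flows:   ", [FLOWS[i] for i in sorted(abnormal)])
```

Flow 8 exceeds the error threshold but sits in a large cluster, so requiring membership in both sets keeps it out of the abnormal result.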
2022, 44(14): 147-150. Received: 2022-01-13
DOI:10.3404/j.issn.1672-7649.2022.14.031
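Classification number: TP393
About the author: 魏建行 (1970-), male, master's degree, senior experimentalist; research interests: data mining and algorithms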