摘要
以提升船舶通信网络流量异常识别效果,提出基于数据挖掘的船舶通信网络流量异常识别方法。通过统计频率和K-means聚类算法得到网络流量特征;通过拐点综合判决机制确定聚类截断阈值和误差截断阈值,特征数量低于聚类截断阈值以及识别误差大于误差阈值为可疑通信网络流量集合,同时存至2个集合内的通信网络流量即异常通信网络流量。实验证明,该方法可有效确定聚类截断阈值与识别误差截断阈值,识别异常通信网络流量精度高。
In order to improve the identification effect of abnormal traffic in ship communication network,a method of abnormal traffic identification in ship communication network based on data mining is proposed.The characteristics of network traffic are obtained by statistical frequency and K-means clustering algorithm.The cluster truncation threshold and error truncation threshold are determined by the inflection point comprehensive decision mechanism.If the number of features is lower than the cluster truncation threshold and the recognition error is greater than the error threshold,the traffic set of suspicious communication network is defined.The communication network traffic stored in the two sets at the same time is the abnormal communication network traffic.Experiments show that this method can effectively determine the clustering truncation threshold and the identification error truncation threshold,and has high accuracy in identifying abnormal communication network traffic.
作者
魏建行
衣龙洋
魏俊甫
WEI Jian-hang;YI Long-yang;WEI Jun-fu(Information Technology Center,Hebei University,Baoding 071002,China;Center for Network and Laboratory Management,Xinjiang University of Science and Technology,Korla 841000,China)
出处
《舰船科学技术》
北大核心
2022年第14期147-150,共4页
Ship Science and Technology
