Abstract
Defects in the data itself interfere with abnormal traffic detection and make its results relatively unreliable, so a LAN abnormal traffic detection method based on data mining is proposed. A network-allowable anomaly threshold is set according to the distribution of the data and used as the baseline for data preprocessing: data whose anomaly attribute is greater than the network-allowable threshold is discarded. The preprocessed data is simplified by one-hot encoding it into numeric form, and the Euclidean distance from data mining is used to compute the relationship between any two consecutive data items. Data whose Euclidean distance difference is greater than or equal to the upper limit of the overall traffic data threshold, or less than or equal to the lower limit of that threshold, is judged to be abnormal, which is how abnormal LAN traffic is detected. In the test results, the accuracy of the designed method for abnormal traffic detection is stable above 88.00%, and the error rate is below 5.00%.
Author
LIU Wenxue (刘文学)
Qingdao Vocational and Technical College of Hotel Management, Qingdao, Shandong 266100, China
Source
《信息与电脑》
2022, No. 21, pp. 236-238 (3 pages in total)
Information & Computer
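The pipeline the abstract describes (threshold-based discard, one-hot encoding, Euclidean distance between consecutive records, upper and lower bounds), as an added sketch that is not the paper's code. Assumptions: the field names, the per-record `defect` score, the constructed sample records, and the bound rule mean ± k·σ with k = 1.5, none of which the abstract specifies.

```python
import math
from statistics import mean, pstdev

PROTOCOLS = ["tcp", "udp", "icmp"]   # assumed categorical field, one-hot encoded
NUMERIC = ("bytes", "pkts")          # assumed numeric fields, scaled to [0, 1]

# Constructed sample flow records; "defect" is an assumed per-record quality score.
SAMPLE = [
    {"id": 1, "proto": "tcp", "bytes": 1000, "pkts": 10, "defect": 0.0},
    {"id": 2, "proto": "tcp", "bytes": 1100, "pkts": 11, "defect": 0.0},
    {"id": 3, "proto": "tcp", "bytes": 1050, "pkts": 10, "defect": 0.0},
    {"id": 4, "proto": "tcp", "bytes": 990, "pkts": 10, "defect": 0.9},
    {"id": 5, "proto": "tcp", "bytes": 1020, "pkts": 10, "defect": 0.0},
    {"id": 6, "proto": "udp", "bytes": 90000, "pkts": 900, "defect": 0.0},
    {"id": 7, "proto": "tcp", "bytes": 1010, "pkts": 10, "defect": 0.0},
    {"id": 8, "proto": "tcp", "bytes": 1080, "pkts": 11, "defect": 0.0},
    {"id": 9, "proto": "tcp", "bytes": 1000, "pkts": 10, "defect": 0.0},
    {"id": 10, "proto": "tcp", "bytes": 1060, "pkts": 10, "defect": 0.0},
]

def encode(rec, scale):
    """One-hot encode the protocol and append the scaled numeric fields."""
    onehot = [1.0 if rec["proto"] == p else 0.0 for p in PROTOCOLS]
    return onehot + [rec[f] / scale[f] for f in NUMERIC]

def detect(records, max_defect=0.2, k=1.5):
    """Return (prev_id, next_id) pairs whose distance falls outside the bounds."""
    # Preprocessing: discard records whose defect score exceeds the allowed threshold.
    kept = [r for r in records if r["defect"] <= max_defect]
    if len(kept) < 3:
        return []                    # need at least two distances to derive bounds
    scale = {f: max(r[f] for r in kept) or 1 for f in NUMERIC}
    vecs = [encode(r, scale) for r in kept]
    # Euclidean distance between each pair of consecutive records.
    dists = [math.dist(a, b) for a, b in zip(vecs, vecs[1:])]
    mu, sigma = mean(dists), pstdev(dists)
    if sigma == 0:
        return []                    # perfectly uniform traffic: no usable bounds
    upper, lower = mu + k * sigma, mu - k * sigma   # assumed threshold rule
    return [(kept[i]["id"], kept[i + 1]["id"])
            for i, d in enumerate(dists) if d >= upper or d <= lower]

if __name__ == "__main__":
    print(detect(SAMPLE))
```

A single outlying record yields two flagged transitions, the one into it and the one out of it, so the record common to both pairs is the one to inspect.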