摘要
随着网络攻击手段的不断发展,配用电通信网络安全防护面临严峻挑战.为解决配用电通信网络异常流量检测效率低、检测精度不足的问题,从特征提取和流量分类这两个方面进行改进研究,提出了一种配用电通信网络异常流量检测的新方法.在特征提取方面,使用时频域特征提取方法,采用自适应冗余提升多小波包变换快速提取频域特征,结合配用电网络通信特点提取时域特征;在流量分类检测方面,提出了基于分布式计算框架的并行深度森林分类算法,并对训练与分类任务调度策略进行了优化.使用终端流量及常用异常流量检测数据集进行实验,结果表明所提方法对配用电网络异常流量检测的误报率仅为2.63%,准确率可达98.29%,并且深度森林并行计算能均衡地分配任务,显著地加速了训练与分类过程.
With the continuous development of network attack methods,it is becoming increasingly difficult to protect the security of power communication networks.Currently,the detection accuracy of abnormal traffic in distribution communication networks is insufficient and the efficiency of abnormal traffic detection is low.To address these issues,a new method for abnormal traffic detection in distribution communication networks is proposed,in which feature extraction and traffic classification are improved.The proposed method utilizes a time-frequency domain feature extraction method,using an adaptive redundancy boosting multiwavelet packet transform to quickly extract frequency-domain features,while time-domain features are extracted using the communication characteristics of the distribution network.To improve traffic classification and detection,a parallel deep forest classification algorithm is proposed based on a distributed computing framework,and the training and classification task scheduling strategies are optimized.The experimental results show that the false alarm rate of the proposed method is only 2.63%and the accuracy rate for the detection of abnormal traffic in distribution networks is 98.29%.
作者
周政雷
陈俊
潘俊涛
袁培森
ZHOU Zhenglei;CHEN Jun;PAN Juntao;YUAN Peisen(Measurement Center,Guangxi Power Grid Co.Ltd.,Nanning 530024,China;College of Artificial Intelligence,Nanjing Agricultural University,Nanjing 210031,China)
出处
《华东师范大学学报(自然科学版)》
CAS
CSCD
北大核心
2023年第5期122-134,共13页
Journal of East China Normal University(Natural Science)
基金
国家自然科学基金(61806097)
江苏省农业科技自主创新资金(SCX(21)3059)
上海市大数据管理系统工程研究中心开放基金(HYSY21022)。
关键词
异常流量检测
配用电通信网络
时频域特征
深度森林
并行计算
abnormal traffic detection
power distribution communication network
time-frequency domain features
deep forest
parallel computing
