Abstract
At present, network anomaly intrusion detection relies mainly on the information entropy method. The intrusion extraction results are not classified during detection, which leads to a high false alarm rate in the final detection results. To reduce this false alarm rate, this paper studies a big-data-driven anomaly intrusion detection method for optical fiber communication networks. First, wavelet thresholding is used to denoise the optical fiber communication signal, and the dimensionality of the communication data features is reduced by combining the information gain algorithm with forward selection and backward elimination. Then, rough set theory and the decision tree algorithm are used to build the intrusion signal extraction and detection model. Finally, all abnormal signals are grouped by a clustering algorithm, and the anomaly intrusion location detection results are obtained from the signal phase differences. The experimental results show that, on two different test data sets, the maximum false alarm rates of the anomaly intrusion detection results obtained by the proposed method are 2.75% and 2.02% respectively, which meets the requirements of intrusion detection.
Authors
DU Guangzhou (杜广周)
TANG Kunjian (唐坤剑)
DU Guangzhou; TANG Kunjian (Eastern Art College, Zhengzhou University of Light Industry, Zhengzhou 451450, China; Chengdu College of University of Electronic Science and Technology of China, Chengdu 611731, China)
Source
Laser Journal (《激光杂志》)
CAS
PKU Core
2023, Issue 11, pp. 116-120 (5 pages)
Funding
First batch of the Ministry of Education Industry-University Cooperation Collaborative Education Projects (No.220501020255021).
Keywords
big data driven
optical fiber communication
network intrusion
abnormal detection
rough set
information entropy