Anomaly Detection Technology Based On Feature Extraction Of Clustering In The Research And Implementation

The rapid development of the network makes people’s lives more convenient, andpeople increasingly rely on the network to work, study. With the increase of networkcomplexity, many insecure network factors followed by a variety of networkattack andthe virus, they affect the life of the network of people and bring a lot of the hiddendangers of security.Anomaly detection technology is the core part of the network intrusion detection, itis used to detect network intrusion, attack and intercept the malicious packets whichwant to enter the protected network. Anomaly detection is been extensively studiedbecause high detecting accuracy and low omitting rate it have. But it also has somedrawback such as the existence of the false positive rate and detection time-consuming.In this paper, author design and implemente a network anomaly detection technologybased on feature extraction, the main contents of this paper include the following:1.Researched and analysised anomaly detection technology, combined the classicdata mining algorithms and pattern matching algorithm, then applied it into anomalydetection. The detection extracts the key and the significant network characteristics, andreduce the consumption of the data detection.2.Researched Octeon CN3860feature such as network processors for multi-coreplatform hardware features, working principle, operation mode and softwaredevelopment models, then achieved anomaly detection in multi-core platform whichproposed in this paper, joined the system control center and communications plane,became a network anomaly detection system, achieved the packets anomaly detectionand real-time alarm.3.In order to adapt the multi-core processing, we used the locality principle of flowto design and develop the shunt, strived to maximize the advantages of multi-coresystems.The test analysis shows that, detection technology bringed forward by this paperdesigned can reduce the calculation of the data, and reduce the comparison time, itensure detection accuracy while slightly lower false positive rate of detection and minimizes the detection of time-consuming.