| Network anomaly traffic classification and detection technology is an important technology in network operation and maintenance management. Therefore, it is widely concerned by network security researchers, and proposes a feasible method for classification and detection of abnormal traffic. In recent years, the continuous deterioration of network security incidents prompted the development of network traffic classification and detection technology, the new technology has been proposed.With larger scale and more complex topological structure of the network has been continuously construction and use, however, the traditional port based or flow statistical characteristics of network traffic anomaly detection methods can not meet the large flow of data flow impact, in time complex degree, unable to meet the demand of real-time detection. Network traffic anomaly detection in the main time consumption concentrated in the network flow data preprocessing and rules set to establish, thus solving the focus of magnitude in a large-scale network traffic anomaly classification and detection technology bottleneck in data preprocessing and rules set the establishment of. The on the granularity of the information said, network traffic anomaly characteristics parameter extraction and big data technology based on, put forward a kind of based on the data of network traffic anomaly classification and detection method. The method combines the advantages of big data technology and machine learning algorithms, in order to ensure the real time detection based on, effectively reduce the detection algorithm in data preprocessing and rules set established in the course of time consumption. Simulation results show that this method can effectively guarantee the stable and normal operation of the network in addition to the good performance of the classification and detection of abnormal traffic flow and the ability to aggregate unknown attacks. |
PDF Full Text Request