| With the development of computer technology,network data is growing at an unpredictable rate,and more and more network security issues are accompanied.People have been studying network security for a long time.Network anomaly detection is one of the important part of maintaining network security;The development of data mining and machine learning technology is also playing an increasingly important role in network anomaly detection,and network security issues can be mapped to network data security,Therefore,this paper proposes a network data anomaly detection based on the hybrid frog leaping clustering algorithm.In order to solve the problem of high data dimension and low accuracy of abnormality detection in network data anomaly detection,the research work of this paper is as follows:(1)Research on feature selection method,and propose a quadratic feature selection algorithm based on information sharing.Network data traffic has high dimensionality and complex features.How to extract critical information quickly and accurately in complex network data is especially important.Aiming at this problem,we propose a quadratic feature selection algorithm based on information sharing.Based on the concept of information sharing,the algorithm selects the characteristics of network data from the two aspects of information gain and correlation,and obtains a subset of pre-selected features.Then,through the improved group intelligence algorithm,the secondary feature selection is performed on the pre-selected feature subsets,thereby extracting the main features of the network data.Experiments show that under different classifiers and different data sets,this method can not only reduce the feature space dimension,but also ensure better classification accuracy.(2)Research on the clustering algorithm of density peak,and propose a density peak clustering algorithm based on hybrid frog leaping.This paper mainly studies the density peak clustering algorithm,which can locate the cluster center more accurately,but the clustering result is affected by the clustering result of the previous step,and the clustering effect of the data points with unclear genus is poor.In order to improve the efficiency of density peak clustering algorithm in network data anomaly detection,this paper proposes a density peak clustering algorithm based on hybrid frog leaping.The algorithm improves the clustering rules of the density peak clustering algorithm,and divides the data into explicit points and ambiguous fuzzy data points,and draws the triangular stability idea to obtain candidate labels of fuzzy data points,the hybrid frog leaping algorithm determines its final class label and improves the clustering accuracyof fuzzy data points.The experimental results show that the algorithm can effectively identify and cluster fuzzy data points.Compared with several typical clustering algorithms,the proposed algorithm has better clustering quality.(3)Construct a network data anomaly detection algorithm and apply it to the network forensics system.The network data anomaly detection algorithm is mainly divided into two processes:preprocessing and anomaly detection.In the preprocessing part,the KDDCUP99 data set is standardized,and the secondary information selection algorithm based on information sharing is used to extract the main information of the network data.In the anomaly detection part,the density peak clustering algorithm based on the hybrid frog leaping is used to cluster the pre-processed network data to detect the type of attack on the network.The experimental results show that the algorithm has higher anomaly detection rate than other mainstream clustering algorithms,both in the original data set and in the reduced-dimensional data set.Finally,the anomaly detection algorithm is applied to the network forensics system to realize anomaly detection of network data. |
PDF Full Text Request