Research On Explosive And Latent Anomalous Behavior Pattern Detection Technology Of Network Streams

With the rapid development of 5G,Internet of Things,cloud computing,artificial intelligence technology and a wide variety of Internet applications,resulting in a large amount of network streams.To ensure the stable operation of the network,it is necessary to better observe and analyze network streams.Network streams anomaly detection aims to discover and describe key exceptions that affect network infrastructure.By detecting these exceptions and quickly repairing them,network service quality and network utilization efficiency can be improved.However,there are the following challenges: most studies focus on a certain feature or method,and there are very few classified studies on network streams anomalous behavior pattern.Therefore,based on the existing research results,this paper focuses on the detection of explosive and latent anomalous behavior patterns of network streams.The main research contents are as follows:(1)We design an explosive network streams anomaly detection method based on dense subgraph discovery.To solve the problem that the statistical methods based on historical data and the machine learning methods in the existing algorithms can not achieve fast real-time detection,this paper proposes an explosive network streams anomaly detection strategy based on dense subgraph discovery,SAD.Network streams can be abstracted as graph topological structure,so this paper abstracts network streams as dynamic graph,and dense subgraph can be expressed as anomalous behavior pattern.In order to solve the NP-hard problem of traditional subgraph mining,an auxiliary data structure is designed to store intermediate results that are about to form dense subgraphs but not yet formed,and its execution model allows fast incremental maintenance strategy.In this way,anomaly patterns in network streams can be detected in near real time.Experimental results show that SAD not only achieves higher accuracy of 90.2%,but also is faster than the latest algorithm 11.4×.(2)We design an latent network streams detection scheme based on intelligent game theory.As latent network streams lacks clear features and is difficult to record,existing algorithms are difficult to classify latent and small anomalous network streams.This paper proposes a latent network streams detection scheme based on intelligent game theory,DPS.This scheme uses game theory to model the interaction between APT and DIFT,aiming to reduce the benefits of APT attacks and make DIFT gain high returns.The DPS framework proposed in this paper uses deep reinforcement learning to find Nash equilibrium.A subgraph pruning strategy and deep-q network are designed to guide both parties to explore new strategies in IFG.Experimental results show that DPS framework can delay APT intrusion under equalization in three epochs and get better reward than Uniform strategy.