{"title":"基于KMeans的多层协议特征聚类研究","authors":"Zhiguo Liu, Xiaobo Ren, Jiangmei Zhang","doi":"10.1109/ICISCAE51034.2020.9236825","DOIUrl":null,"url":null,"abstract":"In view of the current data link layer wireless protocol identification methods, the differences in the internal protocol format of the data frame are ignored, and the data frame is treated as single-layer protocol data to process, which cannot achieve an in-depth analysis of the unknown protocol. It is proposed to use known protocols to supplement unknown protocol information, and to use the association rules between multi-type frames and characteristic fields of multi-layer protocols to classify characteristic fields of multi-layer protocols. This method uses KMeans clustering, uses the trial-and-error process and error square sum parameters to determine the optimal cluster K, uses known protocol information to optimize the cluster center point, and uses the contour coefficient to evaluate the clustering results. It can realize the effective classification of protocol characteristics, and it is of great significance to analyze the unknown protocols in depth.","PeriodicalId":355473,"journal":{"name":"2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Research on Multi-layer Protocol Feature Clustering Based on KMeans\",\"authors\":\"Zhiguo Liu, Xiaobo Ren, Jiangmei Zhang\",\"doi\":\"10.1109/ICISCAE51034.2020.9236825\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In view of the current data link layer wireless protocol identification methods, the differences in the internal protocol format of the data frame are ignored, and the data frame is treated as single-layer protocol data to process, which cannot achieve an in-depth analysis of the unknown protocol. It is proposed to use known protocols to supplement unknown protocol information, and to use the association rules between multi-type frames and characteristic fields of multi-layer protocols to classify characteristic fields of multi-layer protocols. This method uses KMeans clustering, uses the trial-and-error process and error square sum parameters to determine the optimal cluster K, uses known protocol information to optimize the cluster center point, and uses the contour coefficient to evaluate the clustering results. It can realize the effective classification of protocol characteristics, and it is of great significance to analyze the unknown protocols in depth.\",\"PeriodicalId\":355473,\"journal\":{\"name\":\"2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-09-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICISCAE51034.2020.9236825\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 3rd International Conference on Information Systems and Computer Aided Education (ICISCAE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICISCAE51034.2020.9236825","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Research on Multi-layer Protocol Feature Clustering Based on KMeans
In view of the current data link layer wireless protocol identification methods, the differences in the internal protocol format of the data frame are ignored, and the data frame is treated as single-layer protocol data to process, which cannot achieve an in-depth analysis of the unknown protocol. It is proposed to use known protocols to supplement unknown protocol information, and to use the association rules between multi-type frames and characteristic fields of multi-layer protocols to classify characteristic fields of multi-layer protocols. This method uses KMeans clustering, uses the trial-and-error process and error square sum parameters to determine the optimal cluster K, uses known protocol information to optimize the cluster center point, and uses the contour coefficient to evaluate the clustering results. It can realize the effective classification of protocol characteristics, and it is of great significance to analyze the unknown protocols in depth.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
