{"title":"Network Anomaly Traffic Detection Algorithm Based on SVM","authors":"Yang Lei","doi":"10.1109/ICRIS.2017.61","DOIUrl":null,"url":null,"abstract":"In order to guarantee the high level of network security and improve the user experience of the network, in this paper, we propose an effective network anomaly traffic detection algorithm. Firstly, six types of network features are used in our work, such as 1) Number of source IP addresses, 2) Number of source port numbers, 3) Number of destination IP addresses, 4) Number of destination port numbers, 5) Number of packet types, 6) Number of distinct packets with the same packet size. Afterwards, we discuss how to generate normalized entropy for the features which are exploited in the network anomaly traffic detection. Secondly, we convert the network traffic anomaly detection problem to a classification problem, and propose a hybrid PSO-SVM model to solve it. Finally, experimental results demonstrate that the proposed method can detect different network traffic anomaly behaviors with high accuracy.","PeriodicalId":443064,"journal":{"name":"2017 International Conference on Robots & Intelligent System (ICRIS)","volume":"148 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"21","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Robots & Intelligent System (ICRIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICRIS.2017.61","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Network Anomaly Traffic Detection Algorithm Based on SVM
In order to guarantee the high level of network security and improve the user experience of the network, in this paper, we propose an effective network anomaly traffic detection algorithm. Firstly, six types of network features are used in our work, such as 1) Number of source IP addresses, 2) Number of source port numbers, 3) Number of destination IP addresses, 4) Number of destination port numbers, 5) Number of packet types, 6) Number of distinct packets with the same packet size. Afterwards, we discuss how to generate normalized entropy for the features which are exploited in the network anomaly traffic detection. Secondly, we convert the network traffic anomaly detection problem to a classification problem, and propose a hybrid PSO-SVM model to solve it. Finally, experimental results demonstrate that the proposed method can detect different network traffic anomaly behaviors with high accuracy.