计算机工程与应用 ›› 2007, Vol. 43 ›› Issue (11): 153-156.

• 网络、通信与安全 • 上一篇    下一篇

基于子空间方法的大规模网络流量异常检测

王海龙 杨岳湘 李强   

  1. 国防科学技术大学 计算机学院 硕士一队 国防科技大学 计算机学院 清华大学计算机系
  • 收稿日期:2006-05-12 修回日期:1900-01-01 出版日期:2007-04-11 发布日期:2007-04-11
  • 通讯作者: 王海龙

Detecting Network-Wide Traffic Anomalies Based on Subspace Method

  • Received:2006-05-12 Revised:1900-01-01 Online:2007-04-11 Published:2007-04-11

摘要: 本文采用子空间方法和PCA(主成分分析或Principal Components Analysis)对大规模网络流量异常检测进行研究,并以校园网为实验环境,应用子空间方法和PCA实现了网络流量异常检测。通过实验结果与小波分析结果的对比,证明了基于子空间方法的大规模网络流量异常检测是一种既简单又高效的方法。

关键词: PCA, 大规模网络流量, 异常检测, 子空间方法

Abstract: Subspace method and PCA(Principal Components Analysis) was adopted in network-wide traffic anomaly detection research. In experiment environment of campus networks, the process of detecting network traffic anomalies was realized by applying subspace method and PCA. Through the comparison of the results from the experiment and wavelet analysis, it shows that network-wide traffic anomaly detection based on subspace method is more simple and effective.

Key words: PCA, network-wide traffic, anomaly detection, subspace method