基于圖論算法的網(wǎng)絡(luò)通信異常節(jié)點識別*
網(wǎng)絡(luò)安全與數(shù)據(jù)治理 7期
桂丹萍,費揚
(1.閩南科技學院通識教育學院, 福建泉州362300;2.上海交通大學電子信息與電氣工程學院,上海200240)
摘要: 針對網(wǎng)絡(luò)通信中異常節(jié)點的識別,傳統(tǒng)的基于規(guī)則和簽名的方式,或是只參考局部圖形特征的方法,在識別網(wǎng)絡(luò)中的關(guān)鍵用戶時都存在局限性。提出了一種基于圖論算法的異常節(jié)點檢測方法。首先,通過線下采集的真實局域網(wǎng)數(shù)據(jù)集生成圖網(wǎng)絡(luò);利用網(wǎng)絡(luò)的多個圖形特征來定位異常節(jié)點,分析其可能存在的異常行為;其次在網(wǎng)絡(luò)公開數(shù)據(jù)集上進行實驗,以驗證檢測的效果;最后的測試結(jié)果證明,本方法可以在網(wǎng)絡(luò)通信中有效地定位異常節(jié)點,高效便捷,實用性佳。
中圖分類號:TP393.1
文獻標識碼:A
DOI:10.19358/j.issn.2097-1788.2023.07.007
引用格式:桂丹萍,費揚.基于圖論算法的網(wǎng)絡(luò)通信異常節(jié)點識別[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,2023,42(7):43-48.
文獻標識碼:A
DOI:10.19358/j.issn.2097-1788.2023.07.007
引用格式:桂丹萍,費揚.基于圖論算法的網(wǎng)絡(luò)通信異常節(jié)點識別[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,2023,42(7):43-48.
Identification of abnormal nodes in network communication based on graph theory algorithm
Gui Danping1,F(xiàn)ei Yang2
(1.School of General Education, Minnan Science and Technology University, Quanzhou 362300, China; 2.School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240, China)
Abstract: The traditional methods of identifying abnormal nodes in network communication, which rely on rules and signatures, or methods that only use partial graphical features, are limited when identifying key users. An anomaly node detection algorithm based on graph theory is proposed in this paper. Firstly local area network datasets collected offline are used to build a graph network; multiple graph features are analyzed to locate abnormal nodes in the network and analyze their potential abnormal behavior; secondly, experiments are conducted to test the detection effect on public network datasets. As a result of the final test results, it has proven to be efficient, convenient, and practical in locating abnormal nodes in network communication.
Key words : graph theory algorithm; abnormal detection; graph network generation; graph feature analysis
0 引言
隨著信息化時代的到來,網(wǎng)絡(luò)安全問題開始在全球大量的局域網(wǎng)中出現(xiàn),不法分子利用網(wǎng)絡(luò)結(jié)構(gòu)的漏洞對網(wǎng)絡(luò)內(nèi)部的信息、設(shè)備甚至用戶進行攻擊,引發(fā)網(wǎng)絡(luò)異常,以達到竊取信息、癱瘓網(wǎng)絡(luò)等效果。為了提高網(wǎng)絡(luò)安全保障能力,需要利用大量數(shù)據(jù)進行網(wǎng)絡(luò)安全監(jiān)測、風險評估和威脅畫像構(gòu)建。在這個網(wǎng)絡(luò)安全檢測的全過程中,分析網(wǎng)絡(luò)通信節(jié)點的可靠性是非常重要的一環(huán)。因此,網(wǎng)絡(luò)安全的研究和應(yīng)用變得至關(guān)重要。在真實環(huán)境中,尤其是在存有大量網(wǎng)絡(luò)節(jié)點的內(nèi)部網(wǎng)絡(luò)中,很難預(yù)知并自動檢測可疑節(jié)點。如何對通信網(wǎng)絡(luò)流量實現(xiàn)安全監(jiān)控并構(gòu)建網(wǎng)絡(luò)節(jié)點的威脅畫像,很大程度上依賴于對于網(wǎng)絡(luò)異常節(jié)點的正確識別。
本文詳細內(nèi)容請下載:http://www.rjjo.cn/resource/share/2000005419
作者信息:
桂丹萍1,費揚2
(1.閩南科技學院通識教育學院, 福建泉州362300;2.上海交通大學電子信息與電氣工程學院,上海200240)
此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。