计算机工程与科学2017,Vol.39Issue(4):796-803,8.DOI:10.3969/j.issn.1007-130X.2017.04.026
基于改进凝聚层次聚类的协议分类算法
A protocol classification algorithm based on improved AGNES
摘要
Abstract
In the process of bit-stream unknown protocol identification,how to separate multi-protocol data frames into single protocol data frames is a challenging issue.To solve this problem,we propose an improved algorithm based on the idea of traditional AGNES algorithm.Combining the features of bitstream data frames,this algorithm can define the similarity between data frames and the similarity between clusters by two different ways.We perform clustering and extract clusters that meet the requirements of the class cluster simultaneously.Protocol data frames can be clustered quickly and effectively without inputting the number of clusters.And a similarity evaluation is included in the results of class clusters.Tests on the data set published by the Lincoln Laboratory show that the algorithm has a higher accuracy rate for clustering protocol data frames.关键词
未知协议/协议识别/层次聚类算法/聚类Key words
unknown protocol/protocol identification/hierarchical clustering algorithm/clustering分类
信息技术与安全科学引用本文复制引用
张凤荔,周洪川,张俊娇,刘渊,张春瑞..基于改进凝聚层次聚类的协议分类算法[J].计算机工程与科学,2017,39(4):796-803,8.基金项目
国家NASF基金(U1230106) (U1230106)
中国工程物理研究院科学技术发展基金(2012A0403021) (2012A0403021)
四川省科技计划(2014GZ0109,2015KZ002) (2014GZ0109,2015KZ002)
国家自然科学基金(61472064) (61472064)
