Computer Engineering and Applications, 2019, Vol. 55, Issue (4): 41-47, 7. DOI: 10.3778/j.issn.1002-8331.1811-0026
Network Anomaly Detection Algorithm Based on Lindeberg-Feller Central Limit Theorem
Abstract
In network operation and maintenance, detecting and reporting network anomalies in time attracts much attention. Anomalous events are far fewer in a dataset than normal ones, so the imbalance between data labeled normal and data labeled anomalous makes two-class classification difficult to use for anomaly detection. Meanwhile, anomalous events take various patterns and there is little prior information about the anomalies that users are concerned with. It is therefore necessary to model the normal data and to detect anomalies by comparing received data with the normal model. Based on the Lindeberg-Feller central limit theorem, a hypothesis test is designed to decide whether the data under test is anomalous, according to the rejection region calculated from the confidence parameter. Finally, the theoretical basis of the algorithm is simulated, and its performance is tested on both common and actual datasets. When users take the correlation features of the anomalous events as the algorithm input, the recall ratio reaches 90%.
Keywords
anomaly detection / generative adversarial networks / Lindeberg-Feller central limit theorem / hypothesis test
Classification
Information Technology and Security Science
Cite this article
贺亮, 王永程, 李赟, 褚衍杰, 沈超. Network Anomaly Detection Algorithm Based on Lindeberg-Feller Theorem [J]. Computer Engineering and Applications, 2019, 55(4): 41-47, 7.
Funding
National Natural Science Foundation of China (No. 61773310)
Key Program of the National Natural Science Foundation of China (No. U1736205)