基于自适应集成学习的异常流量检测OACSTPCD
Abnormal Traffic Detection Based on Adaptive Integrated Learning
提出了 一种基于自适应集成学习的异常流量检测方法,使用离散傅里叶变换提取流量的频域特征,使得对流量特征提取过程中信息损失较小.用一种基于稳定性和准确性波动的评估指标来动态评估当前流量特征的可靠性,通过评估的特征数据块用于生成新的子分类器.同时,设计了一种集成自适应分类器,其参数和子分类器会根据当前的情况进行实时调整.实验结果表明,该方法对于解决异常流量检测中的概念漂移问题和机器学习对抗攻击问题有良好的效果.
We propose an adaptive integrate-learning-based anomalous traffic detection method in this paper that uses the discrete Fourier transform to extract the frequency domain features of traffic,resulting in less information loss during the extraction of traffic features.An evaluation metric based on stability and accuracy fluctuations is used to dynamically assess the reliability of the current traffic features,and the feature data blocks that pass the evaluation are used to generate new sub-classifiers.Meanwhile,an integrated adaptive classifier is designed,whose parameters and sub-classifiers are adjusted in real time according to the current situation.The experimental results show that the method is effective for solving the concept drift problem in anomalous traffic detection and machine learning against attacks.
倪嘉翼;陈伟;童家铖;李频
南京邮电大学计算机学院、软件学院、网络空间安全学院 南京 210023南京邮电大学计算机学院、软件学院、网络空间安全学院 南京 210023||江苏省大数据安全与智能处理重点实验室 南京 210023
计算机与自动化
异常流量检测频域特征概念漂移集成学习自适应学习
anomalous traffic detectionfrequency domain featureconcept driftintegration learningadaptive learning
《信息安全研究》 2024 (001)
34-39 / 6
国家重点研发计划项目(2019YFB2101704)
评论