Manifold-based attack identification method for dimension reduction and clustering of network data packet features

A network data packet and attack identification technology, applied in the information field, can solve the problems of dimension disaster, direct distance and geodesic distance deviation, etc., and achieve the effect of less data samples

Pending Publication Date: 2022-06-03
SHANGHAI NORMAL UNIVERSITY
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] Without the use of manifold dimensionality reduction, clustering directly on the original high-dimensional features will face the problem of dimensionality disaster and the huge deviation between direct distance and geodesic distance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Manifold-based attack identification method for dimension reduction and clustering of network data packet features
  • Manifold-based attack identification method for dimension reduction and clustering of network data packet features
  • Manifold-based attack identification method for dimension reduction and clustering of network data packet features

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] A manifold-based network packet feature dimensionality reduction and clustering attack identification method, such as figure 1 ,include:

[0047] S1. Collect original network data packet features, form a feature set, and perform data preprocessing;

[0048] S2. Generate a fuzzy simplex set according to the feature set;

[0049] S3. The stochastic gradient descent algorithm is used to reduce the manifold dimension of the fuzzy simplex set to obtain a low-dimensional manifold;

[0050] S4. According to the low-dimensional manifold, determine whether the original network data packet is a network attack data packet through an unsupervised clustering algorithm.

[0051] In step S1, separate continuous features and discrete features in the original data set, among which protocol_type, service, flag, land, logged_in, is_host_login, is_guest_login, a total of 7 features are discrete features, and the remaining 34 are continuous features.

[0052] Use the upper and lower quar...

Embodiment 2

[0079] In this embodiment, the same data points in the fuzzy simplicity of continuous features and discrete features are operated to take intersection or union, integrate different distance metrics, and regenerate low-dimensional manifolds. The formula for taking the union is as follows: The intersection goes on like this:

[0080] W(x,y)=∪(W a (x,y),W b (x,y))

[0081] where W is the connection probability between two points in the fuzzy simplex, and the subscript indicates that it originates from different fuzzy simplex.

[0082] Others are the same as in Example 1.

Embodiment 3

[0084] An electronic device includes a memory and a processor, the memory stores a computer program, and the processor invokes the program instructions to execute the attack identification method described in Embodiment 1.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a manifold-based attack identification method for dimension reduction and clustering of network data packet features, which comprises the following steps of: S1, collecting original network data packet features to form a feature set, and performing data preprocessing S2, generating a fuzzy simplex set according to the feature set; s3, manifold dimensionality reduction is carried out on the fuzzy simplex set through a stochastic gradient descent algorithm, and a low-dimensional manifold is obtained; and S4, according to the low-dimensional manifold, judging whether the original network data packet is a network attack data packet through an unsupervised clustering algorithm. Compared with the prior art, the method has the advantages that the accuracy of identifying novel attacks is improved, and the interpretability is high.

Description

technical field [0001] The invention relates to the field of information technology, in particular to an attack identification method for dimensionality reduction and clustering based on manifold-based network data packet features. Background technique [0002] At present, in the field of network attack identification, hackers' network attacks are ubiquitous, and intrusion detection plays an extremely important role in the current Internet security. Traditional network attack identification methods generally use rule bases to prevent attack behaviors, which require a lot of manual participation and have low accuracy. Subsequent research has introduced machine learning methods, which still face imbalanced samples, cannot identify new attacks, and are difficult to obtain models. interpretability issues. [0003] For the identification of network attacks using machine learning or deep learning methods, it can mainly provide better protection against DDoS attacks, but it is alm...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/40G06K9/62
CPCH04L63/1416G06F18/23213G06F18/213G06F18/214Y02D30/50
Inventor 潘建国胡正欣李欢李美子彭伟民
Owner SHANGHAI NORMAL UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap