期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

适用于协议特征提取的多级T+序列树挖掘算法

Mining Algorithm Based on Multilevel T + Sequence Tree for Protocol Signatures Extracting
在线阅读 下载PDF
导出
摘要 网络流量识别对于网络规划、网络管理和安全监测等非常重要。基于应用层的协议特征检测技术已成为网络流量识别的主流方法。但是在高速的网络流量识别的过程中,针对传统协议特征提取算法效率较低、可信度较差等问题,提出了一种适用于协议特征提取的多级T+序列树挖掘算法。该方法首先将序列数据库装入内存,构建多级T+序列树,接着对该树进行裁剪,然后通过构建投影T+序列树和连接等操作得到协议特征序列,最后通过一个实例说明了该算法的执行过程。实验结果表明:该算法较基于Prefix Span的协议识别算法能有效地减少扫描和产生序列数据库的次数,降低磁盘I/O操作的时间,提高了运行效率,从而保证了提取不同协议特征的正确性和可靠性。 It is very important for network traffic identification in the process of network plan, network management and safety monito- ring. The main method of network traffic identification is protocol feature detection technology based on application layer. In course oF high speed network traffic identification, in order to solve the problem of low efficiency and poor reliability of algorithm for traditional protocol signatures extracting, a mining algorithm based on multilevel T+ sequence tree for protocol signatures extracting is proposed. Firstly, the sequence database is loaded into main memory, and multilevel T+ sequence tree is created. Secondly, the tree is cutted. Third- ly, the protocol feature sequence is found by serial operation, such as creating the projection T+ sequence tree and connection and so on. Finally, the implementation process of the algorithm is illustrated through an example. The experimental results indicate that the algorithm effectively reduces the number of scanning and creating sequence database,and saves the time of disk I/O operation compared with the protocol identification algorithm based on PrefixSpan, and improves running efficiency, which verifies the validity and reliability for ex- tracting different protocol feature.
作者 李全
机构地区 湖北师范学院教育信息与技术学院
出处 《计算机技术与发展》 2015年第10期71-75,共5页 Computer Technology and Development
基金 湖北省教育科学"十二五"规划项目(2011B130)
关键词 流量识别 网络规划 协议特征 T树 数据挖掘 特征序列 PREFIXSPAN算法 traffic identification network plan protocol signatures T tree data mining feature sequence PrefixSpan algorithm
分类号 TP301.6 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献15

  • 1杨丰瑞,吴辉,张治中.基于DPI技术LTE-S1接口流量识别系统的设计与实现[J].重庆邮电大学学报(自然科学版),2014,26(5):622-625. 被引量:6
  • 2杜瑞颖,杨勇,陈晶,王持恒.一种基于相似度的高效网络流量识别方案[J].山东大学学报(理学版),2014,49(9):109-114. 被引量:3
  • 3赵国锋,吉朝明,徐川.Internet流量识别技术研究[J].小型微型计算机系统,2010,31(8):1514-1520. 被引量:10
  • 4Yoon Sung-Ho, Park Jun-Sang, Kim Myung-Sup. Signature maintenance for Internet application traffic identification using header signatures [ C ]//Proceedings of 2012 international con- ference on network operations and management. Maui:IEEE, 2012:1151-1158.
  • 5Zhang Wen,Wang Heng. Identification of peer-to-peer traffic based on process fingerprint[ C]//Proceedings of 2011 inter- national conference on mechatronic science, electric engineer- ing and computer. Jilin : IEEE, 2011 : 1559-1562.
  • 6Du Jiang, Long Tao. P2P traffic identification research based on the SVM [ C ]//Proceedings of 2013 intemational confer- ence on wireless and optical communication. Chongqing: IEEE ,2013:683-686.
  • 7张晓初,杨瑞君,吴伟航,胡申明,陈冰.互联网流量采集分析系统设计与实现[J].计算机工程,2012,38(3):82-84. 被引量:3
  • 8Park B, Won Y J, Kim M, et al. Towards automated application signature generation for traffic identification [ C ]//Proc of NOMS 2008. Salvador : IEEE ,2008 : 160-167.
  • 9龙文,马坤,辛阳,杨义先.适用于协议特征提取的关联规则改进算法[J].电子科技大学学报,2010,39(2):302-305. 被引量:11
  • 10Lin Guanzhou, Xin Yang, Yang Yixian. An application-level features mining algorithm based on PrefixSpan[ C]//Proceed- ings of 2010 international conference on computer engineering and technology. Chengdu: 1EEE ,2010:461-465.

二级参考文献89

  • 1周立柱,林玲.聚焦爬虫技术研究综述[J].计算机应用,2005,25(9):1965-1969. 被引量:156
  • 2魏辉,张治中.TD-SCDMA网络测试仪中SCCP协议解码及上层PDU获取方案[J].重庆邮电大学学报(自然科学版),2007,19(1):47-52. 被引量:12
  • 3张晓初,冯悦,陈依群,吴伟航,周建军,陈斌.应用级流量测量系统IPTMAS[J].计算机工程与科学,2007,29(5):37-40. 被引量:1
  • 4蒋蔚新,薛质,陈依群.协同式入侵监视系统的体系结构设计[J].计算机应用与软件,2007,24(6):159-161. 被引量:1
  • 5陈亮,龚俭,徐选.应用层协议识别算法综述[J].计算机科学,2007,34(7):73-75. 被引量:33
  • 6SEN S, SPATSCHECK O, WANG D. Accurate, scalable in-network identification of P2P traffic using application signatures[C]//WWW 2004: Proceedings of Thirteenth International World Wide Web Conference. New York: ACM Press, 2004: 512-521.
  • 7HAMZA D, SANDRINE V, DAVID R. A markovian signature-based approach to IP traffic classification[C]// MineNet'07: Proceedings of the Third Annual ACM Workshop on Mining Network Data. San Diego: ACM Press, 2007: 29-34.
  • 8HAFFNER P, SEN S, SPATSCHECK O, et al. ACAS: Automated construction of application signatures[C]// Proceedings of ACM SIGCOMM 2005 Workshops: Conference on Computer Communications. Philadelphia: ACM Press, 2005: 197-202.
  • 9HAN Hong, LU Xian-liang. Data mining aided signature discovery in network-based intrusion detection system[J]. ACM SIGOPS Operating Systems Review, 2002, 36(4): 7-13.
  • 10AGRAWAL R, IMIELINSKI T, WAMI A S. Mining association rules between sets of items in large databases[C]//Proceedings of the 1993 ACM SIGMOD International Conference on Management of Data. Washington: ACM Press, 1993:207-216.

共引文献48

计算机技术与发展
2015年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部