《電子技術(shù)應(yīng)用》
您所在的位置:首頁 > 通信與網(wǎng)絡(luò) > 設(shè)計(jì)應(yīng)用 > 基于圖論算法的網(wǎng)絡(luò)通信異常節(jié)點(diǎn)識(shí)別*
基于圖論算法的網(wǎng)絡(luò)通信異常節(jié)點(diǎn)識(shí)別*
網(wǎng)絡(luò)安全與數(shù)據(jù)治理 7期
桂丹萍,費(fèi)揚(yáng)
(1.閩南科技學(xué)院通識(shí)教育學(xué)院, 福建泉州362300;2.上海交通大學(xué)電子信息與電氣工程學(xué)院,上海200240)
摘要: 針對(duì)網(wǎng)絡(luò)通信中異常節(jié)點(diǎn)的識(shí)別,傳統(tǒng)的基于規(guī)則和簽名的方式,或是只參考局部圖形特征的方法,在識(shí)別網(wǎng)絡(luò)中的關(guān)鍵用戶時(shí)都存在局限性。提出了一種基于圖論算法的異常節(jié)點(diǎn)檢測(cè)方法。首先,通過線下采集的真實(shí)局域網(wǎng)數(shù)據(jù)集生成圖網(wǎng)絡(luò);利用網(wǎng)絡(luò)的多個(gè)圖形特征來定位異常節(jié)點(diǎn),分析其可能存在的異常行為;其次在網(wǎng)絡(luò)公開數(shù)據(jù)集上進(jìn)行實(shí)驗(yàn),以驗(yàn)證檢測(cè)的效果;最后的測(cè)試結(jié)果證明,本方法可以在網(wǎng)絡(luò)通信中有效地定位異常節(jié)點(diǎn),高效便捷,實(shí)用性佳。
中圖分類號(hào):TP393.1
文獻(xiàn)標(biāo)識(shí)碼:A
DOI:10.19358/j.issn.2097-1788.2023.07.007
引用格式:桂丹萍,費(fèi)揚(yáng).基于圖論算法的網(wǎng)絡(luò)通信異常節(jié)點(diǎn)識(shí)別[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,2023,42(7):43-48.
Identification of abnormal nodes in network communication based on graph theory algorithm
Gui Danping1,F(xiàn)ei Yang2
(1.School of General Education, Minnan Science and Technology University, Quanzhou 362300, China; 2.School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240, China)
Abstract: The traditional methods of identifying abnormal nodes in network communication, which rely on rules and signatures, or methods that only use partial graphical features, are limited when identifying key users. An anomaly node detection algorithm based on graph theory is proposed in this paper. Firstly local area network datasets collected offline are used to build a graph network; multiple graph features are analyzed to locate abnormal nodes in the network and analyze their potential abnormal behavior; secondly, experiments are conducted to test the detection effect on public network datasets. As a result of the final test results, it has proven to be efficient, convenient, and practical in locating abnormal nodes in network communication.
Key words : graph theory algorithm; abnormal detection; graph network generation; graph feature analysis

0    引言

隨著信息化時(shí)代的到來,網(wǎng)絡(luò)安全問題開始在全球大量的局域網(wǎng)中出現(xiàn),不法分子利用網(wǎng)絡(luò)結(jié)構(gòu)的漏洞對(duì)網(wǎng)絡(luò)內(nèi)部的信息、設(shè)備甚至用戶進(jìn)行攻擊,引發(fā)網(wǎng)絡(luò)異常,以達(dá)到竊取信息、癱瘓網(wǎng)絡(luò)等效果。為了提高網(wǎng)絡(luò)安全保障能力,需要利用大量數(shù)據(jù)進(jìn)行網(wǎng)絡(luò)安全監(jiān)測(cè)、風(fēng)險(xiǎn)評(píng)估和威脅畫像構(gòu)建。在這個(gè)網(wǎng)絡(luò)安全檢測(cè)的全過程中,分析網(wǎng)絡(luò)通信節(jié)點(diǎn)的可靠性是非常重要的一環(huán)。因此,網(wǎng)絡(luò)安全的研究和應(yīng)用變得至關(guān)重要。在真實(shí)環(huán)境中,尤其是在存有大量網(wǎng)絡(luò)節(jié)點(diǎn)的內(nèi)部網(wǎng)絡(luò)中,很難預(yù)知并自動(dòng)檢測(cè)可疑節(jié)點(diǎn)。如何對(duì)通信網(wǎng)絡(luò)流量實(shí)現(xiàn)安全監(jiān)控并構(gòu)建網(wǎng)絡(luò)節(jié)點(diǎn)的威脅畫像,很大程度上依賴于對(duì)于網(wǎng)絡(luò)異常節(jié)點(diǎn)的正確識(shí)別。



本文詳細(xì)內(nèi)容請(qǐng)下載:http://ihrv.cn/resource/share/2000005419




作者信息:

桂丹萍1,費(fèi)揚(yáng)2 

(1.閩南科技學(xué)院通識(shí)教育學(xué)院, 福建泉州362300;2.上海交通大學(xué)電子信息與電氣工程學(xué)院,上海200240)


微信圖片_20210517164139.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。