| 基于CURE算法的网络用户行为分析 |
| |
| 引用本文: | 孙燕花,李杰,李建.基于CURE算法的网络用户行为分析[J].微机发展,2011(9):35-38. |
| |
| 作者姓名: | 孙燕花 李杰 李建 |
| |
| 作者单位: | 中南大学信息科学与工程学院,湖南长沙410075 |
| |
| 摘 要: | 从安全的角度分析网络用户行为,建立了一个基于Netflow统计的用户行为向量数据模型,提出了一个网络用户行为的分析框架,建立了一个分析流程。针对存储网络用户行为的大型数据库选用了一个合适的聚类算法即CURE算法,并对CURE算法进行了基于实际应用的改进。实验结果表明,改进后的CURE算法不仅能很好地聚类,而且能区分出正常行为和异常行为,通过危害行为评价体系分析,聚类得到的异常行为是危害行为的检测率非常高。对于实时网络上的增量数据,文中也给出了增量挖掘的算法,符合网络实时分析的需要。
|
| 关 键 词: | 网络安全 数据挖掘 CURE算法 异常行为 增量挖掘 |
Network Users Behavior Analysis Based on CURE Algorithm |
| |
| SUN Yan-hua,LI Jie,LI Jian.Network Users Behavior Analysis Based on CURE Algorithm[J].Microcomputer Development,2011(9):35-38. |
| |
| Authors: | SUN Yan-hua LI Jie LI Jian |
| |
| Affiliation: | (School of Information Science and Engineering,Central South University,Changsha 410075,China) |
| |
| Abstract: | For analysing network user behavior based on network security,a network user behavior data model based on Netflow statistics is established.A framework of analysis is put forward.An analysis process is established.According to the consumer behavior of large storage network database,an appropriate clustering algorithm,called CURE algorithm,is chosen,which is improved based on actual application.Experiment results show that the improved algorithm is not only able to cluster,but also can distinguish the normal and abnormal behaviors.Analysed by harm behavior evaluating system,most of the abnormal behaviors belong to harm behaviors.For increment data on real net,it also gives the method of increment mining,which accords with the need of real time network analysing. |
| |
| Keywords: | network security data mining CURE algorithm abnormal behavior increment mining |
| 本文献已被 维普 等数据库收录! |
|
