| 特殊网络通信行为的数据挖掘与分析 |
| |
| 引用本文: | 赵汝英,张小飞,张道银,张志明.特殊网络通信行为的数据挖掘与分析[J].网络安全技术与应用,2012(7):8-11. |
| |
| 作者姓名: | 赵汝英 张小飞 张道银 张志明 |
| |
| 作者单位: | 国网电力科学研究院信息网络安全实验室,江苏,210061 |
| |
| 摘 要: | 为了挖掘可疑通信的行为模式,定位发生了可疑通信行为的上网账户,本文首先分析了可疑通信行为特点。然后针对已有关联规则挖掘算法不能同时满足多层次数据挖掘和加权关联规则挖掘的问题,分析对比两种典型的基本关联规则算法,以FP-tree为基础,提出了ML-WFP多层次加权关联规则挖掘算法。针对算法中数据项权重的确定问题,由用户设置数据项间的重要性比较关系,借鉴模糊一致矩阵的概念,利用模糊层次分析法计算数据项的权重。最后将该算法应用于可疑通信行为的挖掘。实验测试结果表明可疑通信行为挖掘方案合理有效。
|
| 关 键 词: | 可疑网络通信 多层次加权关联规则 数据挖掘 模糊层次分析法 |
Data Mining and Analysis of Special Behaviors on Network Communication |
| |
| Zhao Ruying,Zhang Xiaofei,Zhang Daoyin,Zhang Zhiming.Data Mining and Analysis of Special Behaviors on Network Communication[J].Net Security Technologies and Application,2012(7):8-11. |
| |
| Authors: | Zhao Ruying Zhang Xiaofei Zhang Daoyin Zhang Zhiming |
| |
| Affiliation: | State Grid Electric Power Research Institute,Information and Network Security Lab,Jiangsu,210061,China |
| |
| Abstract: | To mine suspicious behavior patterns and locate suspicious user accounts,suspicious communication characteristics were studied.Due to the drawbacks of existing algorithms of mining association rules,which can't meet both the weighted data mining and multi-level association rule mining requirements,ML-WFP algorithm,a multi-level weighted association rules algorithm is proposed.As for the weights of data items in the algorithm,an approach to set the relative importance,between data items and uses fuzzy AHP to calculate the weight of items based on the concept of fuzzy consistent matrix,also is proposed.The correctness and rationality of the scheme is verified from experimental results. |
| |
| Keywords: | Suspicious network communication Multi-level weighted association rule Data mining Fuzzy AHP |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
