摘要
为改进部分网络流量检测算的不足之处,提出一种新的检测算法.利用相似计算的算法对单位时间内数据包的数量是否异常做出估计和判断.对于异常的数据包数量,通过粗糙集中的决策系统做出决策,流量异常是由小型数据包引起的,还是其他数据包引起的.决策树算法来实现决策系统的决策算法.研究结果表明:检测算法不仅可以区分网络中的流量是属于正常还是异常,而且还能对流量异常的原因进行决策.
This paper proposes a new detection algorithm in order to improve some problems of network traffic detection algorithm,and makes estimates and judgments on whether the number of packets per unit time is abnormal by using similar algorithms to do calculation.For the abnormal ones,this paper makes decision on the basis of rough centralized system to identify whether it arises from the small packets or other packets.Decision tree is an algorithm to achieve decision.The results show that the detection algorithm can not only distinguish normal network traffic from abnormal ones,but also can make decision on the reasons behind.
出处
《辽宁工程技术大学学报(自然科学版)》
CAS
北大核心
2016年第11期1326-1330,共5页
Journal of Liaoning Technical University (Natural Science)
基金
国家重点实验室开放基金项目(SKLSDE-2013KF)
关键词
流量
粗糙集
相似计算
决策系统
决策树
flow
rough set
similar calculation
decision system
decision tree
