COMPUTER ENGINEERING AND APPLICATIONS
2015
Issue 12
pp. 88-93
6 pages in total
陈鹏%司健%于子桓%王蔚旻
netflow%traffic collection%information entropy%abnormal flow%flow visualization%traffic monitor system
Analyzing network traffic reveals how a network is running, uncovers abnormal behavior, and supports network security situation awareness. To monitor network operating status and traffic anomalies and to improve users' awareness of the traffic situation, and in view of the large data volume and wide range of dimensions of large-scale network traffic, this paper proposes a quasi-real-time flow data reporting mechanism and designs a flow monitoring system based on 3D visualization. Combined with an information-entropy-based method for mining flow anomalies, the system achieves visual monitoring of abnormal flows through manual monitoring and data mining, and improves the anomaly detection success rate. The paper presents the design scheme and implementation results of the monitoring system, resolves the problem of visualizing network data flows from the abstract to the concrete, provides a more intuitive presentation of the traffic situation, and improves users' ability to perceive and understand the network situation.