军械工程学院学报
軍械工程學院學報
군계공정학원학보
JOURNAL OF ORDNANCE ENGINEERING COLLEGE
2015年
4期
65-71
,共7页
比特流%协议识别%聚类%K-me
比特流%協議識彆%聚類%K-me
비특류%협의식별%취류%K-me
bitstream%protocol identification%clustering%K-me doids%sampling%pattern string matching
为提取比特流中各未知协议对应的比特流子集,提出了一种基于聚类和模式串匹配的未知协议比特流分类方法。在获取比特流压缩率、汉明重量和游程频数等统计特征的基础上,先采用K-medoids 算法对比特流数据进行初步聚类,再通过随机抽样和基于有向图的模式串匹配,将已知协议比特流从各聚类中筛除。对实验数据集的测试结果验证了所提方法的有效性。
為提取比特流中各未知協議對應的比特流子集,提齣瞭一種基于聚類和模式串匹配的未知協議比特流分類方法。在穫取比特流壓縮率、漢明重量和遊程頻數等統計特徵的基礎上,先採用K-medoids 算法對比特流數據進行初步聚類,再通過隨機抽樣和基于有嚮圖的模式串匹配,將已知協議比特流從各聚類中篩除。對實驗數據集的測試結果驗證瞭所提方法的有效性。
위제취비특류중각미지협의대응적비특류자집,제출료일충기우취류화모식천필배적미지협의비특류분류방법。재획취비특류압축솔、한명중량화유정빈수등통계특정적기출상,선채용K-medoids 산법대비특류수거진행초보취류,재통과수궤추양화기우유향도적모식천필배,장이지협의비특류종각취류중사제。대실험수거집적측시결과험증료소제방법적유효성。
A method is put forward for unknown protocol bitstreams classifying based on clustering and pattern matching in order to extract the substreams of different unknown protocols bitstreams.On the precondition of obtaining the statistic characteristic parameters,which include compress rate,hamming weight and runs frequency,the bitstreams are first clustered with the K-medoids algorithm.Then the bitstreams of known protocols in each cluster are picked out with known protocol identification method based on random sampling and pattern matching of directed graph.The effectiveness of the proposed method has been verified on the experimental data sets.
