基于Hadoop的全網(wǎng)絡流量異常監(jiān)測算法研究
發(fā)布時間:2019-05-07 08:14
【摘要】:網(wǎng)絡安全防護水平隨著網(wǎng)絡規(guī)模的不斷擴大被提升到一個新的高度。傳統(tǒng)的入侵檢測均基于單條鏈路或者單個節(jié)點,但是在大規(guī)模網(wǎng)絡中大多數(shù)異常在單條鏈路或者單個節(jié)點的表征不明顯,這就導致傳統(tǒng)的入侵檢測不能兼顧到大規(guī)模網(wǎng)絡,,因此需要將云計算引入到入侵檢測中。Hadoop云計算平臺在海量數(shù)據(jù)處理上具有的高效、高容錯、高擴展和高可靠性以及開源的特點均有利于提高海量數(shù)據(jù)的處理能力,因此將Hadoop云計算平臺引入入侵檢測勢在必行。 本文首先主要研究了Hadoop的兩個關鍵技術:HDFS存儲框架和MapReduce計算框架。分析并拆解了多尺度主成分分析(MSPCA)的主要步驟,并且基于MapReduce實現(xiàn)了對MSPCA算法的并行化;其次對并行化的MSPCA算法進行了可擴展性與加速比試驗;最后在原型系統(tǒng)中驗證并行化MSPCA算法對于異常流量的檢測能力。
[Abstract]:With the expansion of network scale, the level of network security protection has been upgraded to a new level. Traditional intrusion detection is based on a single link or a single node, but in a large-scale network, most of the anomalies are not obvious in a single link or a single node, which leads to the traditional intrusion detection can not take into account the large-scale network. Therefore, cloud computing needs to be introduced into intrusion detection. Hadoop cloud computing platform has the characteristics of high efficiency, high fault tolerance, high scalability, high reliability and open source, which are helpful to improve the processing capability of massive data. Therefore, it is imperative to introduce Hadoop cloud computing platform into intrusion detection. Firstly, two key technologies of Hadoop are studied: HDFS storage framework and MapReduce computing framework. The main steps of multi-scale principal component analysis (MSPCA) are analyzed and disassembled, and the parallelization of MSPCA algorithm is realized based on MapReduce. Secondly, the scalability and speedup test of parallel MSPCA algorithm are carried out. Finally, the ability of parallel MSPCA algorithm to detect abnormal traffic is verified in the prototype system.
【學位授予單位】:鄭州大學
【學位級別】:碩士
【學位授予年份】:2014
【分類號】:TP393.08
本文編號:2470910
[Abstract]:With the expansion of network scale, the level of network security protection has been upgraded to a new level. Traditional intrusion detection is based on a single link or a single node, but in a large-scale network, most of the anomalies are not obvious in a single link or a single node, which leads to the traditional intrusion detection can not take into account the large-scale network. Therefore, cloud computing needs to be introduced into intrusion detection. Hadoop cloud computing platform has the characteristics of high efficiency, high fault tolerance, high scalability, high reliability and open source, which are helpful to improve the processing capability of massive data. Therefore, it is imperative to introduce Hadoop cloud computing platform into intrusion detection. Firstly, two key technologies of Hadoop are studied: HDFS storage framework and MapReduce computing framework. The main steps of multi-scale principal component analysis (MSPCA) are analyzed and disassembled, and the parallelization of MSPCA algorithm is realized based on MapReduce. Secondly, the scalability and speedup test of parallel MSPCA algorithm are carried out. Finally, the ability of parallel MSPCA algorithm to detect abnormal traffic is verified in the prototype system.
【學位授予單位】:鄭州大學
【學位級別】:碩士
【學位授予年份】:2014
【分類號】:TP393.08
【參考文獻】
相關期刊論文 前5條
1 王海龍;楊岳湘;李強;;基于子空間方法的大規(guī)模網(wǎng)絡流量異常檢測[J];計算機工程與應用;2007年11期
2 賈冠昕;楊波;陳貞翔;彭立志;;基于NetFlow時間序列的網(wǎng)絡異常檢測[J];計算機工程與應用;2008年24期
3 肖志新;楊岳湘;楊霖;;基于小波技術的網(wǎng)絡異常流量檢測與實現(xiàn)[J];計算機科學;2006年10期
4 錢葉魁;陳鳴;葉立新;劉鳳榮;朱少衛(wèi);張晗;;基于多尺度主成分分析的全網(wǎng)絡異常檢測方法[J];軟件學報;2012年02期
5 胡志剛;梁曉揚;;基于Hadoop的海量網(wǎng)格數(shù)據(jù)建模[J];計算機系統(tǒng)應用;2010年10期
本文編號:2470910
本文鏈接:http://www.wukwdryxk.cn/guanlilunwen/ydhl/2470910.html
最近更新
教材專著
