基于Hadoop的全網(wǎng)絡(luò)流量異常監(jiān)測(cè)算法研究
發(fā)布時(shí)間:2019-05-07 08:14
【摘要】:網(wǎng)絡(luò)安全防護(hù)水平隨著網(wǎng)絡(luò)規(guī)模的不斷擴(kuò)大被提升到一個(gè)新的高度。傳統(tǒng)的入侵檢測(cè)均基于單條鏈路或者單個(gè)節(jié)點(diǎn),但是在大規(guī)模網(wǎng)絡(luò)中大多數(shù)異常在單條鏈路或者單個(gè)節(jié)點(diǎn)的表征不明顯,這就導(dǎo)致傳統(tǒng)的入侵檢測(cè)不能兼顧到大規(guī)模網(wǎng)絡(luò),,因此需要將云計(jì)算引入到入侵檢測(cè)中。Hadoop云計(jì)算平臺(tái)在海量數(shù)據(jù)處理上具有的高效、高容錯(cuò)、高擴(kuò)展和高可靠性以及開(kāi)源的特點(diǎn)均有利于提高海量數(shù)據(jù)的處理能力,因此將Hadoop云計(jì)算平臺(tái)引入入侵檢測(cè)勢(shì)在必行。 本文首先主要研究了Hadoop的兩個(gè)關(guān)鍵技術(shù):HDFS存儲(chǔ)框架和MapReduce計(jì)算框架。分析并拆解了多尺度主成分分析(MSPCA)的主要步驟,并且基于MapReduce實(shí)現(xiàn)了對(duì)MSPCA算法的并行化;其次對(duì)并行化的MSPCA算法進(jìn)行了可擴(kuò)展性與加速比試驗(yàn);最后在原型系統(tǒng)中驗(yàn)證并行化MSPCA算法對(duì)于異常流量的檢測(cè)能力。
[Abstract]:With the expansion of network scale, the level of network security protection has been upgraded to a new level. Traditional intrusion detection is based on a single link or a single node, but in a large-scale network, most of the anomalies are not obvious in a single link or a single node, which leads to the traditional intrusion detection can not take into account the large-scale network. Therefore, cloud computing needs to be introduced into intrusion detection. Hadoop cloud computing platform has the characteristics of high efficiency, high fault tolerance, high scalability, high reliability and open source, which are helpful to improve the processing capability of massive data. Therefore, it is imperative to introduce Hadoop cloud computing platform into intrusion detection. Firstly, two key technologies of Hadoop are studied: HDFS storage framework and MapReduce computing framework. The main steps of multi-scale principal component analysis (MSPCA) are analyzed and disassembled, and the parallelization of MSPCA algorithm is realized based on MapReduce. Secondly, the scalability and speedup test of parallel MSPCA algorithm are carried out. Finally, the ability of parallel MSPCA algorithm to detect abnormal traffic is verified in the prototype system.
【學(xué)位授予單位】:鄭州大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2014
【分類號(hào)】:TP393.08
本文編號(hào):2470910
[Abstract]:With the expansion of network scale, the level of network security protection has been upgraded to a new level. Traditional intrusion detection is based on a single link or a single node, but in a large-scale network, most of the anomalies are not obvious in a single link or a single node, which leads to the traditional intrusion detection can not take into account the large-scale network. Therefore, cloud computing needs to be introduced into intrusion detection. Hadoop cloud computing platform has the characteristics of high efficiency, high fault tolerance, high scalability, high reliability and open source, which are helpful to improve the processing capability of massive data. Therefore, it is imperative to introduce Hadoop cloud computing platform into intrusion detection. Firstly, two key technologies of Hadoop are studied: HDFS storage framework and MapReduce computing framework. The main steps of multi-scale principal component analysis (MSPCA) are analyzed and disassembled, and the parallelization of MSPCA algorithm is realized based on MapReduce. Secondly, the scalability and speedup test of parallel MSPCA algorithm are carried out. Finally, the ability of parallel MSPCA algorithm to detect abnormal traffic is verified in the prototype system.
【學(xué)位授予單位】:鄭州大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2014
【分類號(hào)】:TP393.08
【參考文獻(xiàn)】
相關(guān)期刊論文 前5條
1 王海龍;楊岳湘;李強(qiáng);;基于子空間方法的大規(guī)模網(wǎng)絡(luò)流量異常檢測(cè)[J];計(jì)算機(jī)工程與應(yīng)用;2007年11期
2 賈冠昕;楊波;陳貞翔;彭立志;;基于NetFlow時(shí)間序列的網(wǎng)絡(luò)異常檢測(cè)[J];計(jì)算機(jī)工程與應(yīng)用;2008年24期
3 肖志新;楊岳湘;楊霖;;基于小波技術(shù)的網(wǎng)絡(luò)異常流量檢測(cè)與實(shí)現(xiàn)[J];計(jì)算機(jī)科學(xué);2006年10期
4 錢葉魁;陳鳴;葉立新;劉鳳榮;朱少衛(wèi);張晗;;基于多尺度主成分分析的全網(wǎng)絡(luò)異常檢測(cè)方法[J];軟件學(xué)報(bào);2012年02期
5 胡志剛;梁曉揚(yáng);;基于Hadoop的海量網(wǎng)格數(shù)據(jù)建模[J];計(jì)算機(jī)系統(tǒng)應(yīng)用;2010年10期
本文編號(hào):2470910
本文鏈接:http://www.wukwdryxk.cn/guanlilunwen/ydhl/2470910.html
最近更新
教材專著
