Fast Capture of Abnormal Traffic Values in Network Communication Ports Based on Multi Label Classification Algorithm
Due to the real-time updating characteristics of network communication port traffic status,it is difficult to capture outliers.Therefore,a fast capture method for network communi-cation port traffic outliers based on multi label classification algorithm is proposed.By analyzing and calculating the statistical characteristics of network communication port traffic(size,direc-tion,and protocol type of traffic),a representative set of labels is generated for each network communication port.GCN is used to learn a set of interdependent network communication port traffic data label classifiers,and the corresponding classifier input is composed of nodes and label correlation matrices,The specific node representation form is the feature vector of the network communication port traffic data label.The number of occurrences of the network communica-tion port traffic data label pair is used as the execution basis for establishing the correlation ma-trix.When the classifier outputs the conditional probability matrix corresponding to the co-oc-currence matrix of the network communication port traffic data label,it is determined that the network communication port traffic data at this time is an outlier.In the test results,the ACC of the capture results of port traffic outliers remained stable above 0.85,and the F1 score of the capture results of port traffic outliers remained stable above 0.83.Compared with the test re-sults of the control group,it has a significant advantage.
Multi label classification algorithmRapid capture of abnormal traffic values on net-work communication portsGCN learningLabel classifier
NETL
NSTL
万方数据
