期刊
JOURNAL OF VISUALIZATION
卷 22, 期 1, 页码 215-229出版社
SPRINGER
DOI: 10.1007/s12650-018-0525-z
关键词
Real-time analysis; Network security visualization; Machine learning; Incremental learning; Pattern recognition
资金
- National Key Research and Development Program of China [2017YFB0701900]
- National Nature Science Foundation of China [61100053]
- CCF-Venustech Hongyan Research Initiative [2016-013]
The real-time analysis of network data is of great significance to network security. Visualization technology and machine learning can assist in network data analysis from different aspects. However, there is little research regarding combining these two methods to process real-time network data. This paper proposes a novel real-time network security system. Combining unsupervised learning and visualization technology, it can identify network behavior patterns and provide a visualization module to adjust models interactively. The system is primarily divided into three parts. In the feature extraction part, we train a deep auto-encoder to compress the feature dimension. In the behavior pattern recognition part, normal and abnormal pattern SOINNs are trained incrementally. In visualization part, analysts can use multiple views to judge recognition results rapidly and adjust models so that the identification accuracy can be increased. We use the data in VAST Challenge 2013 to show that our system can identify network behavior patterns in real time and find the correlations between them.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据