非平衡网络流量识别方法

doi:10.11772/j.issn.1001-9081.2017071812

计算机应用 ›› 2018, Vol. 38 ›› Issue (1): 20-25.DOI: 10.11772/j.issn.1001-9081.2017071812

• 2017年全国开放式分布与并行计算学术年会(DPCS 2017)论文 • 上一篇下一篇

非平衡网络流量识别方法

燕昺昊, 韩国栋, 黄雅静, 王孝龙

国家数字交换系统工程技术研究中心, 郑州 450002

收稿日期:2017-07-24 修回日期:2017-08-01 出版日期:2018-01-10 发布日期:2018-01-22
通讯作者: 燕昺昊
作者简介:燕昺昊(1994-),男,山西吕梁人,硕士研究生,CCF会员,主要研究方向:流量识别、入侵检测、协议解析;韩国栋(1964-),男,山东莱西人,副教授,博士,主要研究方向:宽带信息处理与信息安全、芯片设计与应用;黄雅静(1984-),女,湖南长沙人,助理研究员,博士,主要研究方向:芯片设计、信号处理;王孝龙(1993-),男,河南民权人,硕士研究生,主要研究方向:宽带信息网络、协议解析。
基金资助:
国家科技重大专项（2016ZX01012101）；国家自然科学基金面上项目（61572520）；国家自然科学基金创新群体项目（61521003）。

New traffic classification method for imbalanced network data

YAN Binghao, HAN Guodong, HUANG Yajing, WANG Xiaolong

National Digital Switching System Engineering & Technological Research Center, Zhengzhou Henan 450002, China

Received:2017-07-24 Revised:2017-08-01 Online:2018-01-10 Published:2018-01-22
Supported by:
This work is partially supported by the National Science Technology Major Project of China (2016ZX01012101), the National Natural Science Foundation of China (61572520), the National Natural Science Foundation Innovation Group Project of China (61521003).

摘要/Abstract

摘要： 针对网络中存在的对等网络（P2P）流量泛滥导致的流量失衡问题，提出将非平衡数据分类思想应用于流量识别过程。通过引入合成少数类过采样技术（SMOTE）算法并进行改进，提出了均值SMOTE （M-SMOTE）算法，实现对流量数据的平衡化处理。在此基础上分别采用3种机器学习分类器：随机森林（RF）、支持向量机（SVM）、反向传播神经网络（BPNN）对处理后各类流量进行识别。理论分析与仿真结果表明，在不影响P2P流量识别准确率的前提下，与非平衡状态相比，引入SMOTE算法将非P2P流量的识别准确率平均提高了16.5个百分点，将网络流量的整体识别率提高了9.5个百分点；与SMOTE算法相比，M-SMOTE算法将非P2P流量的识别准确率与网络流量的整体识别率分别进一步提高了3.2个百分点和2.6个百分点。实验结果表明，非平衡数据分类思想可有效解决P2P流量过多导致的非P2P流量识别率低的问题，同时所提M-SMOTE算法具有更高的识别准确度。

关键词: 非平衡数据, P2P流量, 流量识别, 机器学习, 合成少数类过采样技术算法

Abstract: To solve the problem existing in traffic classification that Peer-to-Peer (P2P) traffic is much more than that of non-P2P, a new traffic classification method for imbalanced network data was presented. By introducing and improving Synthetic Minority Over-sampling Technique (SMOTE) algorithm, a Mean SMOTE (M-SMOTE) algorithm was proposed to realize the balance of traffic data. On the basis of this, three kinds of machine learning classifiers:Random Forest (RF), Support Vector Machine (SVM), Back Propagation Neural Network (BPNN) were used to identify the various types of traffic. The theoretical analysis and simulation results show that, compared with the imbalanced state, the SMOTE algorithm improves the recognition accuracy of non-P2P traffic by 16.5 percentage points and raises the overall recognition rate of network traffic by 9.5 percentage points. Compared with SMOTE algorithm, the M-SMOTE algorithm further improves the recognition rate of non-P2P traffic and the overall recognition rate of network traffic by 3.2 percentage points and 2.6 percentage points respectively. The experimental results show that the way of imbalanced data classification can effectively solve the problem of low P2P traffic recognition rate caused by excessive P2P traffic, and the M-SMOTE algorithm has higher recognition accuracy rate than SMOTE.

Key words: imbalanced data, Peer-to-Peer (P2P) traffic, traffic classification, machine learning, Synthetic Minority Over sampling Technique (SMOTE) algorithm

中图分类号:

TP393.02

燕昺昊, 韩国栋, 黄雅静, 王孝龙. 非平衡网络流量识别方法[J]. 计算机应用, 2018, 38(1): 20-25.

YAN Binghao, HAN Guodong, HUANG Yajing, WANG Xiaolong. New traffic classification method for imbalanced network data[J]. Journal of Computer Applications, 2018, 38(1): 20-25.

参考文献

[1] VALENTI S, ROSSI D, DAINOTTI A, et al. Reviewing traffic classification[M]//Data Traffic Monitoring and Analysis. Berlin:Springer, 2013:123-147.
[2] CHEN J, LI J. The research of peer-to-peer network security[C]//Proceedings of the 2015 International Conference on Information Computing and Automation. Singapore:World Scientific, 2015:590-592.
[3] 翟海滨,张鸿,刘欣然,等.最小化出口流量花费的接入级P2P缓存容量设计方法[J].电子学报,2015,43(5):879-887.(ZHAI H B, ZHANG H, LIU X R, et al. A P2P cache capacity design method to minimize the total traffic cost of access ISPs[J]. Acta Electronica Sinica, 2015, 43(5):879-887.)
[4] 张国强,唐明董,程苏琦,等.P2P流量优化[J].中国科学:信息科学,2012,42(1):1-19.(ZHANG G Q, TANG M D, CHENG S Q, et al. P2P traffic optimization[J]. Science in China:Series F, 2012, 42(1):1-19.)
[5] KARIM A, SALLEH R B, SHIRAZ M, et al. Botnet detection techniques:review, future trends, and issues[J]. Frontiers of Information Technology & Electronic Engineering, 2014, 15(11):943-983.
[6] CAO Z, XIONG G, ZHAO Y, et al. A survey on encrypted traffic classification[C]//Proceedings of the 2014 International Conference on Applications and Techniques in Information Security. Berlin:Springer, 2014:73-81.
[7] GU R, WANG H, JI Y. Early traffic identification using Bayesian networks[C]//Proceedings of the 2010 IEEE International Conference on Network Infrastructure and Digital Content. Piscataway, NJ:IEEE, 2010:564-568.
[8] ZHU A. A P2P network traffic classification method based on C4.5 decision tree algorithm[C]//Proceedings of the 9th International Symposium on Linear Drives for Industry Applications. Berlin:Springer, 2014:373-379.
[9] GONG J, WANG W, WANG P, et al. P2P traffic identification method based on an improvement incremental SVM learning algorithm[C]//Proceedings of the 2015 IEEE International Symposium on Wireless Personal Multimedia Communications. Piscataway, NJ:IEEE, 2015:174-179.
[10] MU C, ZHANG C, HUANG X, et al. The efficiency analysis of the statistical feature in network traffic identification based on BP neural network[C]//Proceedings of the 2014 IEEE International Conference on Broadband Network & Multimedia Technology. Piscataway, NJ:IEEE, 2014:70-74.
[11] 陈虹,万广雪,肖振久.基于优化数据处理的深度信念网络模型的入侵检测方法[J].计算机应用,2017,37(6):1636-1643.(CHEN H, WAN G X, XIAO Z J. Intrusion detection method of deep belief network model based on optimization of data processing[J]. Journal of Computer Applications, 2017, 37(6):1636-1643.)
[12] DEEBA F, MOHAMMED S K, BUI F M, et al. Learning from imbalanced data:a comprehensive comparison of classifier performance for bleeding detection in endoscopic video[C]//Proceedings of the 2016 IEEE International Conference on Informatics, Electronics and Vision. Piscataway, NJ:IEEE, 2016:1006-1009.
[13] 高志鹏,牛琨,刘杰.面向大数据的分析技术[J].北京邮电大学学报,2015,38(3):1-12.(GAO Z P, NIU K, LIU J. Analytics towards big data[J]. Journal of Beijing University of Posts and Telecommunications, 2015, 38(3):1-12.)
[14] APANDI Z F M, MUSTAPHA N, AFFENDEY L S. Evaluating integrated weight linear method to class imbalanced learning in video data[C]//Proceedings of the 2011 IEEE International Conference on Data Mining and Optimization. Piscataway, NJ:IEEE, 2011:243-247.
[15] LIANG J, BAI L, DANG C, et al. The K-means-type algorithms versus imbalanced data distributions[J]. IEEE Transactions on Fuzzy Systems, 2012, 20(4):728-745.
[16] CHAWLA N V, BOWYER K W, HALL L O, et al. SMOTE:synthetic minority over-sampling technique[J]. Journal of Artificial Intelligence Research, 2002, 16(1):321-357.
[17] MOORE A W, ZUEV D. Internet traffic classification using Bayesian analysis techniques[C]//Proceedings of the 2005 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems. New York:ACM, 2005:50-60.

非平衡网络流量识别方法

New traffic classification method for imbalanced network data

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	郭棉, 张锦友. 移动边缘计算环境中面向机器学习的计算迁移策略[J]. 计算机应用, 2021, 41(9): 2639-2645.
[2]	毛铭泽, 曹芮浩, 闫春钢. 基于权值多样性的半监督分类算法[J]. 计算机应用, 2021, 41(9): 2473-2480.
[3]	秦斌斌, 彭良康, 卢向明, 钱江波. 司机分心驾驶检测研究进展[J]. 计算机应用, 2021, 41(8): 2330-2337.
[4]	姜倩玉, 王凤英, 贾立鹏. 基于感知哈希算法和特征融合的恶意代码检测方法[J]. 计算机应用, 2021, 41(3): 780-785.
[5]	秦静, 左长青, 汪祖民, 季长清, 王宝凤. 基于堆叠分类器的心电异常监测模型设计[J]. 计算机应用, 2021, 41(3): 887-890.
[6]	孟祥瑞, 杨文忠, 王婷. 基于图文融合的情感分析研究综述[J]. 计算机应用, 2021, 41(2): 307-317.
[7]	刘晓龙, 王士同. 渐进式分离的开放集模糊域自适应算法[J]. 《计算机应用》唯一官方网站, 2021, 41(11): 3127-3131.
[8]	楼豪杰, 郑元林, 廖开阳, 雷浩, 李佳. 基于Siamese-YOLOv4的印刷品缺陷目标检测[J]. 《计算机应用》唯一官方网站, 2021, 41(11): 3206-3212.
[9]	王雅辉, 钱宇华, 刘郭庆. 基于模糊优势互补互信息的有序决策树算法[J]. 计算机应用, 2021, 41(10): 2785-2792.
[10]	蒋阳升, 王胜男, 涂家祺, 李莎, 王红军. 面向高铁站的热舒适度和能耗综合预测[J]. 计算机应用, 2021, 41(1): 249-257.
[11]	朱琳, 于海涛, 雷新宇, 刘静, 王若凡. 基于MRI图像的阿尔茨海默症患者脑网络特征识别算法[J]. 计算机应用, 2020, 40(8): 2455-2459.
[12]	梁登高, 周安民, 郑荣锋, 刘亮, 丁建伟. 基于大小突发块划分的微信支付行为识别模型[J]. 计算机应用, 2020, 40(7): 1970-1976.
[13]	徐周波, 杨健, 刘华东, 黄文文. 基于XGBoost与拓扑结构信息的蛋白质复合物识别算法[J]. 计算机应用, 2020, 40(5): 1510-1514.
[14]	张俊升, 徐晶晶, 余伟. 面部美化图像质量无参考评价方法[J]. 计算机应用, 2020, 40(4): 1184-1190.
[15]	王杨, 赵红东. 基于改进粒子群优化的支持向量机与情景感知的人体活动识别[J]. 计算机应用, 2020, 40(3): 665-671.