基于节点通信行为时序的指控信息流挖掘算法

项英倬; 徐正国; 游凌

doi:10.11959/j.issn.1000-436x.2019176

您当前的位置：

首页 >

文章列表页 >

基于节点通信行为时序的指控信息流挖掘算法

学术论文 | 更新时间：2024-06-05

- 基于节点通信行为时序的指控信息流挖掘算法
- Instruction flow mining algorithm based on the temporal sequence of node communication actions
- 通信学报 2019年40卷第9期页码：51-60
- 作者机构：
  
  盲信号处理国家重点实验室，四川成都 610041
- 作者简介：
  
  [ "项英倬（1990- ），男，山东东营人，盲信号处理国家重点实验室博士生，主要研究方向为数据挖掘、人工智能、大数据。" ]
  [ "徐正国（1986- ），男，四川成都人，盲信号处理国家重点实验室工程师，主要研究方向为数据挖掘、人工智能、大数据。" ]
  [ "游凌（1971- ），男，四川成都人，博士，盲信号处理国家重点实验室研究员、博士生导师，主要研究方向为信号分析、网络态势、数据挖掘、大数据等。" ]
- 基金信息：
  
  国家自然科学基金资助项目(61403301)
- DOI：10.11959/j.issn.1000-436x.2019176
  中图分类号： TP301
- 网络出版日期：2019-09，
  
  纸质出版日期：2019-09-25
- 稿件说明：
移动端阅览
项英倬, 徐正国, 游凌. 基于节点通信行为时序的指控信息流挖掘算法[J]. 通信学报, 2019,40(9):51-60.

Yingzhuo XIANG, Zhengguo XU, Ling YOU. Instruction flow mining algorithm based on the temporal sequence of node communication actions[J]. Journal on communications, 2019, 40(9): 51-60.
项英倬, 徐正国, 游凌. 基于节点通信行为时序的指控信息流挖掘算法[J]. 通信学报, 2019,40(9):51-60. DOI： 10.11959/j.issn.1000-436x.2019176.

Yingzhuo XIANG, Zhengguo XU, Ling YOU. Instruction flow mining algorithm based on the temporal sequence of node communication actions[J]. Journal on communications, 2019, 40(9): 51-60. DOI： 10.11959/j.issn.1000-436x.2019176.

摘要

针对通信网络中节点之间通信内容未知的情况，提出了一种基于节点行为时序的指控信息流挖掘算法。首先，对用户通信行为的相关性进行建模，提出了节点通信行为模型，分别对节点的背景通信和指控类通信的行为进行建模；其次，提出了 FlowMine 算法，对模型进行求解并对算法的收敛性进行了分析，该算法采用抽样迭代的思想对模型参数进行估计，能够给出参数的一个近似估计值；最后，通过模拟数据和实际数据验证并分析了FlowMine算法的有效性。实验结果表明，所提算法能够较快收敛，并能够得到可信的指控信息流。

Abstract

With the situation that the content of the communication between the nodes in the network is unknown

an instruction flow mining algorithm based on the communication sequence was proposed.Firstly

by modelling the relativity of the communication actions and proposing the node communication actions model

the background communication and instruction communication actions was modelled.Moreover

FlowMine algorithm was proposed to solve such models and the convergence of the algorithm was analyzed.The algorithm estimated parameters by sampling and iteration which obtained a near optimal solution.Finally

the validity of the approach was verified by synthetic data and empirical data analysis.Experiment results show the convergence and reliable performance of FlowMine algorithm.

关键词

Keywords

references

ZAND A , VIGNA G , YAN X , et al . Extracting probable command and control signatures for detecting botnets [C ] // The 29th Annual ACM Symposium on Applied Computing . ACM , 2014 : 1657 - 1662 .

AFEK Y , BREMLER-BARR A , FEIBISH S L . Zero-day signature extraction for high-volume attacks [J ] . IEEE/ACM Transactions on Networking , 2019 , 27 ( 2 ): 691 - 706 .

BILGE L , BALZAROTTI D , ROBERTSON W , et al . Disclosure:detecting botnet command and control servers through large-scale netflow analysis [C ] // The 28th Annual Computer Security Applications Conference . ACM , 2012 : 129 - 138 .

VORMAYR G , ZSEBY T , FABINI J . Botnet communication patterns [J ] . IEEE Communications Surveys and Tutorials , 2017 , 19 ( 4 ): 2768 - 2796 .

PISKOZUB M , SPOLAOR R , MARTINOVIC I . MalAlert:detecting malware in large-scale network traffic using statistical features [J ] . ACM SIGMETRICS Performance Evaluation Review , 2019 , 46 ( 3 ): 151 - 154 .

ASSAF M , NAUMANN D A , SIGNOLES J , et al . Hypercollecting semantics and its application to static analysis of information flow [J ] . ACM SIGPLAN Notices , 2017 , 52 ( 1 ): 874 - 887 .

FEI H , JIANG R , YANG Y , et al . Content based social behavior prediction:a multi-task learning approach [C ] // The 20th ACM international conference on Information and knowledge management . ACM , 2011 : 995 - 1000 .

ZHU J , XIONG F , PIAO D , et al . Statistically modeling the effectiveness of disaster information in social media [C ] // Global Humanitarian Technology Conference . IEEE , 2011 : 431 - 436 .

KUO T T , HUNG S C , LIN W S , et al . Exploiting latent information to predict diffusions of novel topics on social networks [C ] // The 50th Annual Meeting of the Association for Computational Linguistics:Short Papers-Volume 2 . Association for Computational Linguistics , 2012 : 344 - 348 .

GOYAL A , BONCHI F , LAKSHMANAN L V S . Learning influence probabilities in social networks [C ] // Proceedings of the Third ACM International Conference on Web Search and Data Mining . ACM , 2010 : 241 - 250 .

DEY K , LAMBA H , NAGAR S , et al . Modeling topical information diffusion over microblog networks [C ] // International Conference on Complex Networks and their Applications . Springer , 2018 : 353 - 364 .

LU Y , YU L , ZHANG T , et al . Collective human behavior in cascading system:discovery,modeling and applications [C ] // 2018 IEEE International Conference on Data Mining . IEEE , 2018 : 297 - 306 .

茆诗松 , 程依明 , 濮晓龙 , 等 . 概率论与数理统计教程:第2版 [M ] . 北京 : 高等教育出版社 , 2011 .

MAO S S , CHENG Y M , PU X L , et al . Probability and statistics:2nd ed [M ] . Beijing : Higher Education PressPress , 2011 .

方兆本 , 缪柏其 . 随机过程 [M ] . 合肥 : 中国科学技术大学出版社 , 1993 .

FANG Z B , MIU B Q . Stochastic process [M ] . Hefei : University of Science and Technology of China PressPress , 1993 .

CLAUSET A , SHALIZI C R , NEWMAN M E J . Power-law distributions in empirical data [J ] . SIAM Review , 2009 , 51 ( 4 ): 661 - 703 .

MITZENMACHER M . A brief history of generative models for power law and lognormal distributions [J ] . Internet mathematics , 2004 , 1 ( 2 ): 226 - 251 .

LESKOVEC J , LANG K J , DASGUPTA A , et al . Statistical properties of community structure in large social and information networks [C ] // Proceedings of the 17th International Conference on World Wide Web . ACM , 2008 : 695 - 704 .

LESKOVEC J , FALOUTSOS C . Scalable modeling of real graphs using kronecker multiplication [C ] // Proceedings of the 24th International Conference on Machine Learning . ACM , 2007 : 497 - 504 .

ERDŐS P,RÉNYI A , . On the evolution of random graphs [M ] // The Structure and Dynamics of Networks . Princeton University Press , 2011 : 38 - 82 .

CLAUSET A , MOORE C , NEWMAN M E J . Hierarchical structure and the prediction of missing links in networks [J ] . Nature , 2008 , 453 ( 7191 ): 98 - 101 .

GROVER A , ZWEIG A , ERMON S . Graphite:iterative generative modeling of graphs [J ] . arXiv Preprint,arXiv:1803.10459 , 2018 .

AGARWAL A , XIE B , VOVSHA I , et al . Sentiment analysis of twitter data [C ] // Proceedings of the workshop on languages in social media . Association for Computational Linguistics , 2011 : 30 - 38 .

SHETTY J , ADIBI J . The Enron email dataset database schema and brief statistical report [R ] . Information Sciences Institute Technical Report,University of Southern California , 2004 : 120 - 128 .

浏览量

514

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于快速密度峰值聚类离群因子的离群点检测算法

基于动态图嵌入的车联网拓扑控制

工业互联网感知通信控制协同融合技术研究综述

ERDOF：基于相对熵权密度离群因子的离群点检测算法

基于高阶路径相似度的复杂网络链路预测方法