计算机科学
数据挖掘
背景(考古学)
可扩展性
入侵检测系统
嵌入
特征(语言学)
相似性(几何)
网络安全
人工智能
模式识别(心理学)
图像(数学)
计算机网络
数据库
语言学
生物
哲学
古生物学
作者
Ran Tian,Zulong Diao,Haiyang Jiang,Gaogang Xie
标识
DOI:10.1109/iscc53001.2021.9631421
摘要
Similarity (distance) measurement among network features (e.g. IP address, MAC address, port number, and protocol, etc.) based on network logs is a critical step for data mining in intrusion detection, anomaly prediction, and log analysis. A practical approach is necessarily accurate, fast, and incremental due to the dynamic network environment. However, existing solutions fail to satisfy these demands simultaneously. Therefore, we propose a novel unsupervised network feature embedding approach: Network Vector (NeVe). It learns the similarity from context information by introducing a natural language processing algorithm GloVe. Since the network data is more timeliness with an almost infinite corpus size, we adjust the algorithm to adapt the input data format and design a fast scalable online update mechanism. Our evaluation demonstrates that NeVe can achieve the highest accuracy with minimal time consumption (13 ~ 15 times faster) compared with the state-of-the-art approach.
科研通智能强力驱动
Strongly Powered by AbleSci AI