Application of Flow Spectrum Theory in Network Defense

doi:10.13190/j.jbupt.2021-271

Journal of Beijing University of Posts and Telecommunications ›› 2022, Vol. 45 ›› Issue (3): 19-25.doi: 10.13190/j.jbupt.2021-271

• PAPERS • Previous Articles Next Articles

Application of Flow Spectrum Theory in Network Defense

GUO Shize¹, Lü Renjian¹, HE Mingshu², ZHANG Jie², YU Saisai³

1. School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China;
2. School of Electronic Engineering, Beijing University of Posts and Telecommunications, Beijing 100876, China;
3. No.30 Institute of China Electronics Technology Group Corporation, Chengdu 610041, China

Received:2021-11-04 Online:2022-06-28 Published:2022-06-01

Abstract

Abstract: In the process of network data processing and analysis, to solve the problems of large observation, poor interpretability and high difficulty of feature separation in traditional methods, the basic method of mapping network flow data from the original "flow" space to the "flow spectrum" space is proposed. The proposed method satisfies and thus the requirements of interpretability, observability, express ability and disposal of network behavior, and thus the downstream tasks can be weel completed. Based on the matrix compression principle of the low rank of high-dimensional objectives, the low-dimensional description of data is realized, and the mapping of the original network flow from "flow" to data characteristic matrix is completed. Based on matrix theory, information theory and metric space theory, multiple base spectral spaces that are expressed as isomorphically as possible are established to complete the separable isomorphic mapping of a characteristic matrix in "spectral" space. The background network flow, network threat, malicious attack and abnormal behavior are descrebed through the "flow spectrum", which is applied in network defense to improve the defense ability of cyberspace and provide new ideas for the defense system of cyberspace.

Key words: network traffic, flow spectrum, network defense, malicious behavior analysis, threat indication

CLC Number:

TN911.22

GUO Shize, Lü Renjian, HE Mingshu, ZHANG Jie, YU Saisai. Application of Flow Spectrum Theory in Network Defense[J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(3): 19-25.

References

[1] 国家互联网应急中心. 2020年中国互联网网络安全报告[EB/OL].北京:人民邮电出版社, 2021:(2021-07-21)[2021-10-26]. http://www.cac.gov.cn/2021-07/21/c_1628454189500041.htm.
[2] 李利,韩伟红,梅阳阳,等.当前网络空间安全技术发展现状及思考[J].信息技术与网络安全, 2021, 40(5):33-38. LI L, HAN W H, MEI Y Y, et al. The current situation and thinking of the development of cyberspace security technology[J]. Information Technology and Network Security, 2021, 40(5):33-38.
[3] 贾焰,方滨兴,李爱平,等.基于人工智能的网络空间安全防御战略研究[J].中国工程科学, 2021, 23(3):98-105. JIA Y, FANG B X, LI A P, et al. Artificial intelligence enabled cyberspace security defense[J]. Strategic Study of CAE, 2021, 23(3):98-105.
[4] 张勇东,陈思洋,彭雨荷,等.基于深度学习的网络入侵检测研究综述[J].广州大学学报(自然科学版), 2019, 18(3):17-26. ZHANG Y D, CHEN S Y, PENG Y H, et al. A survey of deep learning based network intrusion detection[J]. Journal of Guangzhou University (Natural Science Edition), 2019, 18(3):17-26.
[5] FINSTERBUSCH M, RICHTER C, ROCHA E, et al. A survey of payload-based traffic classification approaches[J]. IEEE Communications Surveys&Tutorials, 2014, 16(2):1135-1156.
[6] MARIN G, CASAS P, CAPDEHOURAT G. Deep in the dark-deep learning-based malware traffic detection without expert knowledge[C]//IEEE Security and Privacy Workshops. Piscataway, NJ:IEEE Press, 2019:36-42.
[7] KANNA P R, SANTHI P. Unified deep learning approach for efficient intrusion detection system using integrated spatial-temporal features[J]. Knowledge-Based Systems, 2021, 226(1):107132-107144.
[8] YU L, DONG J T, CHEN L H, et al. PBCNN:Packet bytes-based convolutional neural network for network intrusion detection[J]. Computer Networks, 2021, 194(1):108117-108139.
[9] WANG Z H, JIANG D D, HUO L W, et al. An efficient network intrusion detection approach based on deep learning[J]. Wireless Networks, 2021, 1(1):1-14.
[10] SWARNA S, RATNA S. Investigation of machine learning techniques in intrusion detection system for IoT network[C]//International Conference on Intelligent Sustainable Systems. Piscataway, NJ:IEEE Press, 2020:1164-1167.
[11] MOUSTAFA N, SLAY J. UNSW-NB15:a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)[C]//Military Communications and Information Systems Conference. Piscata-way, NJ:IEEE Press, 2015:1-6.

Application of Flow Spectrum Theory in Network Defense

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 10

Recommended Articles

Metrics

Comments

[1]	TIAN Zhongda, PAN Xinpeng. Network Traffic Prediction Using Wavelet Denoising and Optimized Support Vector Machine [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(5): 79-84.
[2]	MU Xiao-hui, LI Li-xiang. Network Traffic Prediction of Dropout Echo State Network [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(5): 10-13,20.
[3]	ZHAO Ji-hong, WANG Ming-xin, QU Hua, XIE Zhi-yong, LIU Xi. An Adaptive KLMS Traffic Prediction Algorithm for Satellite Network [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2018, 41(3): 51-55.
[4]	TIAN Zhong-da, LI Shu-jiang, WANG Yan-hong, WANG Xiang-dong. Network Traffic Prediction Based on ARIMA with Gaussian Process Regression Compensation [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2017, 40(6): 65-73.
[5]	. Measurement of the Characteristics of the BitTorrent Network [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2012, 35(3): 125-128.
[6]	. Study on the SelfSimilarity of P2P Traffic Behavior Based on Fractal Method [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2010, 33(4): 35-38.
[7]	SUN Han-lin¹；JIN Yue-hui¹；CUI Yi-dong^1,2；CHENG Shi-duan¹. Large-Time Scale Network Traffic Short-Term Prediction by Grey Model [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2010, 33(1): 7-11.
[8]	. A Network Traffic MonitorNode SelectionAlgorithm Based on Triple Tag [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(s1): 73-76.
[9]	Zou De-Bin. Network Traffic Analysis Based on LogInfinitely Mobile Networks [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2009, 32(2): 101-105.
[10]	LIN Ping， YU Xun-yi， LIU Fang， LEI Zhen-ming. A Network Traffic Classification Algorithm Based on Flow Statistical Characteristics [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2008, 31(2): 15-19.