CN111343182B - Abnormal flow detection method based on gray level graph - Google Patents
Abnormal flow detection method based on gray level graph Download PDFInfo
- Publication number
- CN111343182B CN111343182B CN202010120011.9A CN202010120011A CN111343182B CN 111343182 B CN111343182 B CN 111343182B CN 202010120011 A CN202010120011 A CN 202010120011A CN 111343182 B CN111343182 B CN 111343182B
- Authority
- CN
- China
- Prior art keywords
- gray
- network
- image
- flow
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Abstract
The invention discloses an abnormal flow detection method based on a gray scale map, which comprises the following steps: s1: carrying out visualization processing on the original flow of the network, and converting the original flow into a gray-scale map; s2: carrying out feature extraction on the gray level image; s3: based on an Apache Spark framework, training the characteristics of the gray-scale image by using a distributed extreme learning machine, outputting a weight matrix beta, obtaining a training parameter, and completing the abnormal flow detection of the gray-scale image. The method effectively solves the problem of abnormal flow detection in various network environments, solves the difficulty in extracting the original flow characteristics by visualization processing of the network flow, converts the difficulty in extracting the original flow characteristics into image characteristic extraction, and enables the accuracy of the training result to be higher. The invention effectively solves the problem of abnormal detection of high-speed mass network flow in the big data era and is suitable for the modern actual network environment.
Description
Technical Field
The invention belongs to the technical field of network detection, and particularly relates to an abnormal flow detection method based on a gray-scale map.
Background
In recent years, with the continuous development of internet technology, people have more and more extensive applications to the internet, the frequency and strength of attacks in the network are continuously enhanced, and the network environment is also deteriorated. The network attack is an attack to hardware, software and data of a network system by using network bugs and security defects. From the viewpoint of the destructiveness to information, the attack types can be classified into passive attacks and active attacks. Active attacks can result in the tampering of certain data streams and the creation of spurious data streams. Passive attacks usually include attack modes such as eavesdropping, traffic analysis, and breaking weakly encrypted data streams. In order to protect against these attacks and improve the network environment, intrusion detection systems have been proposed. The traditional intrusion detection system has the defects of low system establishing speed, complex feature extraction, high resource occupancy rate cost and the like. Most critically, most features require long and complete extraction of the flow monitoring scheme. This makes real-time monitoring difficult. In addition, in the face of an increasingly large network and an infinite unknown attack, it is impractical to manually acquire enough marker data to train an intrusion detection system so as to accurately detect an intrusion. Based on the above situation, the invention provides an abnormal flow detection method based on a gray-scale map.
Disclosure of Invention
The invention aims to solve the problem of network intrusion detection and provides an abnormal flow detection method based on a gray-scale map.
The technical scheme of the invention is as follows: an abnormal flow detection method based on a gray scale map comprises the following steps:
s1: carrying out visualization processing on the original flow of the network, and converting the original flow into a gray-scale map;
s2: carrying out feature extraction on the gray level image by using the ambiguity;
s3: based on an Apache Spark framework, training the characteristics of the gray-scale image by using a distributed extreme learning machine, outputting a weight matrix beta, obtaining a training parameter, and completing the abnormal flow detection of the gray-scale image.
The invention has the beneficial effects that: the method effectively solves the problem of abnormal flow detection in various network environments, solves the difficulty in extracting the original flow characteristics by visualization processing of the network flow, converts the difficulty in extracting the original flow characteristics into image characteristic extraction, and enables the accuracy of the training result to be higher. In addition, the detection method of the invention effectively solves the problem of abnormal detection of high-speed mass network traffic in a big data era by using an Apache Spark framework and combining a distributed extreme learning machine, and is suitable for the modern actual network environment. Meanwhile, the invention uses a simple high-speed neural network to replace a complex and hard-to-converge deep neural network, and accords with the existing high-speed massive network flow environment, so that the detection method is simpler and faster.
Further, in step S1, the visualization processing of the original traffic is performed for the top 10KB of the original traffic.
The beneficial effects of the further scheme are as follows: in the invention, the traffic size in the real network is not fixed and single. For the traffic with long duration and large data volume, the invention only converts the first 10KB traffic of the arrival of the traffic. And for the traffic with short duration and small data volume, the acquired data is copied, and the finally converted data is ensured to be close to 10 KB. Different methods are adopted for processing different flow sizes, so that the visual processing of the flow is more accurate.
Further, step S1 includes the following sub-steps:
s11: selecting a CICIIDS 2017 data set as background flow for abnormal flow detection;
s12: based on the CICIIDS 2017 data set, cutting a pcap file of the CICIIDS 2017 data set by using a pcappUssus tool;
s13: carrying out batch processing on the cut pcap files according to the time and size sequence of the pcap files;
s14: and converting the batched pcap file into a gray-scale map to finish the visualization processing of the original network flow.
The beneficial effects of the further scheme are as follows: in the invention, the network flow belongs to binary data, and the visual processing of the network flow solves the difficulty in extracting the characteristics of the original flow, so that the accuracy of the detection result is higher.
Further, S2 includes the following sub-steps:
s21: extracting an image area with important information in the gray-scale image as a sample characteristic object of the gray-scale image, scanning the gray-scale image to obtain a target image area and extracting a target characteristic object of the gray-scale image;
s22: establishing a sample fuzzy set X ═ X } and a target fuzzy set Y ═ Y } of the gray-scale map according to the sample characteristic object and the target characteristic object of the gray-scale map1,y2,…yn};
S23: according to the sample fuzzy set X ═ X } and the target fuzzy set Y ═ Y1,y2,…ynDescribing a characteristic fuzzy similarity relation of a gray scale image, wherein the characteristic fuzzy similarity relation is as follows:
wherein j is 1,2, … n, n is an ordered pair (x, y)j) The number of the (c) component(s),is an ordered pair (x, y)j) The value of the relationship of (a) to (b),is a membership function;
s24: determining a similarity set R of the sample characteristic object and the target characteristic object according to the characteristic fuzzy similarity relation of the gray level imageαThe calculation formula is as follows:
Rα={(x,yj)|μR(x,yj)≥α}
wherein, muRThe method comprises the following steps of (1) obtaining a characteristic fuzzy similarity relation of a gray scale image, wherein alpha is the similarity of a sample characteristic object and a target characteristic object, and the value of alpha is 1;
s25: extracting a similarity set RαThe center point of the image pixel of the middle target characteristic object;
s26: and marking the central point of the image pixel of the target characteristic object to complete the characteristic extraction of the gray level image.
The beneficial effects of the further scheme are as follows: in the invention, the feature extraction of the image uses the ambiguity to replace the traditional image feature extraction method, so that the resource occupancy rate is low, and the accuracy of the feature extraction result is higher.
Further, step S3 includes the following sub-steps:
s31: setting the number of hidden layer neurons of the network to be L by using a distributed extreme learning machine, and randomly initializing the input weight W and the bias b of the hidden layer neurons of the network;
s32: calculating a hidden neuron output matrix H of the network, wherein the calculation formula is as follows:
wherein the network contains L hidden layer neurons, WiInput weights for the i-th hidden neuron of the network, biFor the biasing of the ith hidden layer neuron of the network, g (-) is the activation function, i 1,2jExtracting features of a jth target feature object, wherein j is 1, 2.. times.N, and a network has N target feature objects;
s33: calculating an expected output matrix T of the network based on the hidden neuron output matrix H, wherein the calculation formula is as follows:
wherein, tiAn output vector of the ith target characteristic object;
s34: calculating an output weight matrix beta of the network according to the hidden neuron output matrix H and the expected output matrix T, wherein the calculation formula is as follows:
β=(HTH)-1HTT
h is a hidden neuron output matrix, and T is an expected output matrix;
s35: and screening the output weight matrix beta to obtain the training parameters.
The beneficial effects of the further scheme are as follows: in the invention, the simple single-layer network is used for training the network traffic, the network convergence is fast, the method is suitable for the high-speed massive network traffic environment, the speed is deeper, and the detection method is faster. Meanwhile, the distributed extreme learning machine has the advantages of high generalization performance and high learning speed, the number of hidden layer neurons is set, the input weight and the bias are initialized randomly, and the corresponding output weight can be obtained without adjustment in the training process.
Further, in step S3, the detection of abnormal flow is performed by using a model constructed by using the training parameters.
The beneficial effects of the further scheme are as follows: in the invention, the process of obtaining the training parameters is the process of constructing the abnormal flow detection method model, and the abnormal flow detection can be rapidly completed by using the model.
Drawings
FIG. 1 is a flow chart of a gray scale based abnormal flow detection method;
fig. 2 is a flowchart of step S1;
fig. 3 is a flowchart of step S2;
fig. 4 is a flowchart of step S3;
fig. 5 is an exemplary diagram of a network intrusion.
Detailed Description
The embodiments of the present invention will be further described with reference to the accompanying drawings.
As shown in fig. 1, the present invention provides an abnormal flow detection method based on a gray scale map, which includes the following steps:
s1: carrying out visualization processing on the original flow of the network, and converting the original flow into a gray-scale map;
s2: carrying out feature extraction on the gray level image by using the ambiguity;
s3: based on an Apache Spark framework, training the characteristics of the gray-scale image by using a distributed extreme learning machine, outputting a weight matrix beta, obtaining a training parameter, and completing the abnormal flow detection of the gray-scale image.
In the embodiment of the present invention, as shown in fig. 1, in step S1, the visualization process of the original traffic is performed for the first 10KB of the original traffic.
In the invention, the traffic size in the real network is not fixed and single. For the traffic with long duration and large data volume, the invention only converts the first 10KB traffic of the arrival of the traffic. And for the traffic with short duration and small data volume, the acquired data is copied, and the finally converted data is ensured to be close to 10 KB. Different methods are adopted for processing different flow sizes, so that the visual processing of the flow is more accurate.
In the embodiment of the present invention, as shown in fig. 2, step S1 includes the following sub-steps:
s11: selecting a CICIIDS 2017 data set as background flow for abnormal flow detection;
s12: based on the CICIIDS 2017 data set, cutting a pcap file of the CICIIDS 2017 data set by using a pcappUssus tool;
s13: carrying out batch processing on the cut pcap files according to the time and size sequence of the pcap files;
s14: and converting the batched pcap file into a gray-scale map to finish the visualization processing of the original network flow.
In the invention, the network flow belongs to binary data, and the visual processing of the network flow solves the difficulty in extracting the characteristics of the original flow, so that the accuracy of the detection result is higher.
In the embodiment of the present invention, as shown in fig. 3, S2 includes the following sub-steps:
s21: extracting an image area with important information in the gray-scale image as a sample characteristic object of the gray-scale image, scanning the gray-scale image to obtain a target image area and extracting a target characteristic object of the gray-scale image;
s22: establishing a sample fuzzy set X ═ X } and a target fuzzy set Y ═ Y } of the gray-scale map according to the sample characteristic object and the target characteristic object of the gray-scale map1,y2,…yn};
S23: according to the sample fuzzy set X ═ X } and the target fuzzy set Y ═ Y1,y2,…ynDescribing a characteristic fuzzy similarity relation of a gray scale image, wherein the characteristic fuzzy similarity relation is as follows:
wherein j is 1,2, … n, n is an ordered pair (x, y)j) The number of the (c) component(s),is an ordered pair (x, y)j) The value of the relationship of (a) to (b),is a membership function;
s24: feature fuzzy similarity from gray scale mapsFormula determines a similarity set R of sample and target feature objectsαThe calculation formula is as follows:
Rα={(x,yj)|μR(x,yj)≥α}
wherein, muRThe method comprises the following steps of (1) obtaining a characteristic fuzzy similarity relation of a gray scale image, wherein alpha is the similarity of a sample characteristic object and a target characteristic object, and the value of alpha is 1;
s25: extracting a similarity set RαThe center point of the image pixel of the middle target characteristic object;
s26: and marking the central point of the image pixel of the target characteristic object to complete the characteristic extraction of the gray level image.
In the invention, important information can be determined according to subjective needs, the feature extraction of the image uses ambiguity to replace the traditional image feature extraction method, the resource occupancy rate is low, and the accuracy of the feature extraction result is higher.
In the embodiment of the present invention, as shown in fig. 4, step S3 includes the following sub-steps:
s31: setting the number of hidden layer neurons of the network to be L by using a distributed extreme learning machine, and randomly initializing the input weight W and the bias b of the hidden layer neurons of the network;
s32: calculating a hidden neuron output matrix H of the network, wherein the calculation formula is as follows:
wherein the network contains L hidden layer neurons, WiInput weights for the i-th hidden neuron of the network, biFor the biasing of the ith hidden layer neuron of the network, g (-) is the activation function, i 1,2jExtracting features of a jth target feature object, wherein j is 1, 2.. times.N, and a network has N target feature objects;
s33: calculating an expected output matrix T of the network based on the hidden neuron output matrix H, wherein the calculation formula is as follows:
wherein, tiAn output vector of the ith target characteristic object;
s34: calculating an output weight matrix beta of the network according to the hidden neuron output matrix H and the expected output matrix T, wherein the calculation formula is as follows:
β=(HTH)-1HTT
h is a hidden neuron output matrix, and T is an expected output matrix;
s35: and screening the output weight matrix beta to obtain the training parameters.
In the invention, the simple single-layer network is used for training the network traffic, the network convergence is fast, the method is suitable for the high-speed massive network traffic environment, the speed is deeper, and the detection method is faster. Meanwhile, the distributed extreme learning machine has the advantages of high generalization performance and high learning speed, the number of hidden layer neurons is set, the input weight and the bias are initialized randomly, and the corresponding output weight can be obtained without adjustment in the training process.
In the embodiment of the present invention, as shown in fig. 1, in step S3, the detection of abnormal flow is performed by using a model constructed by using training parameters.
In the invention, the process of obtaining the training parameters is the process of constructing the abnormal flow detection method model, and the abnormal flow detection can be rapidly completed by using the model.
In the embodiment of the present invention, as shown in fig. 5, an exemplary image detected by using the network intrusion detection method of the present invention is subjected to network attacks, and the network attacks are DoS, DDoS, PortScan, FTP-pointer, and SSH-pointer in sequence. In actual network attacks, not all DoS, DDoS, PortScan, FTP-pointer, and SSH-pointer attacks are shown in FIG. 5, and the example image in FIG. 5 shows only one gray-scale representation of these network attacks.
The working principle and the process of the invention are as follows: in the invention, an abnormal traffic detection system is established based on the processing of the original network traffic. While employing entirely novel methods to characterize and analyze network traffic. Because the network flow is completely or belongs to binary data, the network flow is converted into a gray-scale image, and the detection of abnormal flow is completed in an image processing mode. Secondly, extracting gray image features based on the fuzziness, and converting the feature extraction of the network flow into the feature extraction of the image. And then training a plurality of sub-extreme learning machine classifiers on an Apache Spark framework to detect the network traffic, and constructing a model by utilizing the process of solving a training parameter beta to finish the detection of the abnormal traffic.
The invention has the beneficial effects that: the method effectively solves the problem of abnormal flow detection in various network environments, solves the difficulty in extracting the original flow characteristics by visualization processing of the network flow, converts the difficulty in extracting the original flow characteristics into image characteristic extraction, and enables the accuracy of the training result to be higher. In addition, the detection method of the invention effectively solves the problem of abnormal detection of high-speed mass network traffic in a big data era by using an Apache Spark framework and combining a distributed extreme learning machine, and is suitable for the modern actual network environment. Meanwhile, the invention uses a simple high-speed neural network to replace a complex and hard-to-converge deep neural network, and accords with the existing high-speed massive network flow environment, so that the detection method is simpler and faster.
It will be appreciated by those of ordinary skill in the art that the embodiments described herein are intended to assist the reader in understanding the principles of the invention and are to be construed as being without limitation to such specifically recited embodiments and examples. Those skilled in the art can make various other specific changes and combinations based on the teachings of the present invention without departing from the spirit of the invention, and these changes and combinations are within the scope of the invention.
Claims (5)
1. An abnormal flow detection method based on a gray scale map is characterized by comprising the following steps:
s1: carrying out visualization processing on the original flow of the network, and converting the original flow into a gray-scale map;
s2: carrying out feature extraction on the gray level image by using the ambiguity;
the step S2 includes the following sub-steps:
s21: extracting an image area with important information in the gray-scale image as a sample characteristic object of the gray-scale image, scanning the gray-scale image to obtain a target image area and extracting a target characteristic object of the gray-scale image;
s22: establishing a sample fuzzy set X ═ X } and a target fuzzy set Y ═ Y } of the gray-scale map according to the sample characteristic object and the target characteristic object of the gray-scale map1,y2,…yn};
S23: according to the sample fuzzy set X ═ X } and the target fuzzy set Y ═ Y1,y2,…ynDescribing a characteristic fuzzy similarity relation of a gray scale image, wherein the characteristic fuzzy similarity relation is as follows:
wherein j is 1,2, … n, n is an ordered pair (x, y)j) The number of the (c) component(s),is an ordered pair (x, y)j) The value of the relationship of (a) to (b),is a membership function;
s24: determining a similarity set R of the sample characteristic object and the target characteristic object according to the characteristic fuzzy similarity relation of the gray level imageαThe calculation formula is as follows:
Rα={(x,yj)|μR(x,yj)≥α}
wherein, muRThe similarity is a characteristic fuzzy similarity relation of a gray scale image, and alpha is the similarity of a sample characteristic object and a target characteristic object;
s25: extracting a similarity set RαThe center point of the image pixel of the middle target characteristic object;
s26: marking the image pixel center point of the target characteristic object to complete the characteristic extraction of the gray scale image;
s3: based on an Apache Spark framework, training the characteristics of the gray-scale image by using a distributed extreme learning machine, outputting a weight matrix beta, obtaining a training parameter, and completing the abnormal flow detection of the gray-scale image.
2. The method for detecting abnormal flow rate based on gray scale map as claimed in claim 1, wherein in step S1, the visualization process of the original flow rate is performed for the first 10KB of the original flow rate.
3. The abnormal flow detection method based on gray scale map as claimed in claim 1, wherein said step S1 comprises the following sub-steps:
s11: selecting a CICIIDS 2017 data set as background flow for abnormal flow detection;
s12: based on the CICIIDS 2017 data set, cutting a pcap file of the CICIIDS 2017 data set by using a pcappUssus tool;
s13: carrying out batch processing on the cut pcap files according to the time and size sequence of the pcap files;
s14: and converting the batched pcap file into a gray-scale map to finish the visualization processing of the original network flow.
4. The abnormal flow detection method based on gray scale map as claimed in claim 1, wherein said step S3 comprises the following sub-steps:
s31: setting the number of hidden layer neurons of the network to be L by using a distributed extreme learning machine, and randomly initializing the input weight W and the bias b of the hidden layer neurons of the network;
s32: calculating a hidden layer neuron output matrix H of the network, wherein the calculation formula is as follows:
wherein the network contains L hidden layer neurons, WiInput weights for the i-th hidden neuron of the network, biFor the biasing of the ith hidden layer neuron of the network, g (-) is the activation function, i 1,2jExtracting features of a jth target feature object, wherein j is 1, 2.. times.N, and a network has N target feature objects;
s33: calculating an expected output matrix T of the network based on the hidden layer neuron output matrix H, wherein the calculation formula is as follows:
wherein, tiAn output vector of the ith target characteristic object;
s34: calculating an output weight matrix beta of the network according to the hidden layer neuron output matrix H and the expected output matrix T, wherein the calculation formula is as follows:
β=(HTH)-1HTT
wherein H is an implicit neuron output matrix, and T is an expected output matrix;
s35: and screening the output weight matrix beta to obtain the training parameters.
5. The method for detecting abnormal flow based on gray scale map as claimed in claim 1, wherein in step S3, the detection of abnormal flow is performed by using a model constructed by training parameters.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010120011.9A CN111343182B (en) | 2020-02-26 | 2020-02-26 | Abnormal flow detection method based on gray level graph |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010120011.9A CN111343182B (en) | 2020-02-26 | 2020-02-26 | Abnormal flow detection method based on gray level graph |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111343182A CN111343182A (en) | 2020-06-26 |
CN111343182B true CN111343182B (en) | 2021-08-10 |
Family
ID=71187927
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010120011.9A Expired - Fee Related CN111343182B (en) | 2020-02-26 | 2020-02-26 | Abnormal flow detection method based on gray level graph |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111343182B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111970259B (en) * | 2020-08-05 | 2022-04-29 | 贵州大学 | Network intrusion detection method and alarm system based on deep learning |
CN112333155B (en) * | 2020-10-16 | 2022-07-22 | 济南浪潮数据技术有限公司 | Abnormal flow detection method and system, electronic equipment and storage medium |
CN112822099A (en) * | 2020-12-29 | 2021-05-18 | 北京浪潮数据技术有限公司 | Method, device and medium for switching network card working modes |
CN113256507B (en) * | 2021-04-01 | 2023-11-21 | 南京信息工程大学 | Attention enhancement method for generating image aiming at binary flow data |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104282008A (en) * | 2013-07-01 | 2015-01-14 | 株式会社日立制作所 | Method for performing texture segmentation on image and device thereof |
CN109347872A (en) * | 2018-11-29 | 2019-02-15 | 电子科技大学 | A kind of network inbreak detection method based on fuzziness and integrated study |
US10261849B1 (en) * | 2017-08-11 | 2019-04-16 | Electronics Arts Inc. | Preventative remediation of services |
CN109768985A (en) * | 2019-01-30 | 2019-05-17 | 电子科技大学 | A kind of intrusion detection method based on traffic visualization and machine learning algorithm |
CN110704649A (en) * | 2019-08-29 | 2020-01-17 | 南京邮电大学 | Method and system for constructing flow image data set |
-
2020
- 2020-02-26 CN CN202010120011.9A patent/CN111343182B/en not_active Expired - Fee Related
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104282008A (en) * | 2013-07-01 | 2015-01-14 | 株式会社日立制作所 | Method for performing texture segmentation on image and device thereof |
US10261849B1 (en) * | 2017-08-11 | 2019-04-16 | Electronics Arts Inc. | Preventative remediation of services |
CN109347872A (en) * | 2018-11-29 | 2019-02-15 | 电子科技大学 | A kind of network inbreak detection method based on fuzziness and integrated study |
CN109768985A (en) * | 2019-01-30 | 2019-05-17 | 电子科技大学 | A kind of intrusion detection method based on traffic visualization and machine learning algorithm |
CN110704649A (en) * | 2019-08-29 | 2020-01-17 | 南京邮电大学 | Method and system for constructing flow image data set |
Non-Patent Citations (1)
Title |
---|
基于局部特征的图像表示模型理论与实践;谢凌曦;《信息科技辑》;20160715;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN111343182A (en) | 2020-06-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111343182B (en) | Abnormal flow detection method based on gray level graph | |
CN112132042B (en) | SAR image target detection method based on contrast domain adaptation | |
CN109558823B (en) | Vehicle identification method and system for searching images by images | |
EP0363828B1 (en) | Method and apparatus for adaptive learning type general purpose image measurement and recognition | |
CN109446894B (en) | Multispectral image change detection method based on probability segmentation and Gaussian mixture clustering | |
CN101893704A (en) | Rough set-based radar radiation source signal identification method | |
CN111046787A (en) | Pedestrian detection method based on improved YOLO v3 model | |
CN110443830B (en) | Precipitation cloud cluster detection method based on Gaussian mixture background model | |
CN116910752B (en) | Malicious code detection method based on big data | |
CN110879881A (en) | Mouse track recognition method based on feature component hierarchy and semi-supervised random forest | |
CN110677437A (en) | User disguised attack detection method and system based on potential space countermeasure clustering | |
Lin et al. | Optimal CNN-based semantic segmentation model of cutting slope images | |
Gulghane et al. | A survey on intrusion detection system using machine learning algorithms | |
CN108507607B (en) | Weak signal detection method based on kernel function | |
CN113887583A (en) | Radar RD image target detection method based on deep learning under low signal-to-noise ratio | |
CN113065395A (en) | Radar target new class detection method based on generation countermeasure network | |
CN113283467A (en) | Weak supervision picture classification method based on average loss and category-by-category selection | |
CN115294392B (en) | Visible light remote sensing image cloud removal method and system based on network model generation | |
Xue | Research on network security intrusion detection with an extreme learning machine algorithm | |
CN110458219B (en) | phi-OTDR vibration signal identification algorithm based on STFT-CNN-RVFL | |
CN112014821B (en) | Unknown vehicle target identification method based on radar broadband characteristics | |
CN112291193B (en) | LDoS attack detection method based on NCS-SVM | |
CN114553468A (en) | Three-level network intrusion detection method based on feature intersection and ensemble learning | |
CN113887633A (en) | IL-based malicious behavior identification method and system for closed-source power engineering control system | |
Wu | A method of character verification code recognition in network based on artificial intelligence technology |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20210810 |