CN111371742A - SVDD (singular value decomposition and direct data decomposition) -based network slice physical node anomaly detection method - Google Patents
SVDD (singular value decomposition and direct data decomposition) -based network slice physical node anomaly detection method Download PDFInfo
- Publication number
- CN111371742A CN111371742A CN202010107298.1A CN202010107298A CN111371742A CN 111371742 A CN111371742 A CN 111371742A CN 202010107298 A CN202010107298 A CN 202010107298A CN 111371742 A CN111371742 A CN 111371742A
- Authority
- CN
- China
- Prior art keywords
- network slice
- physical node
- observation data
- vnf
- distributed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 43
- 238000000354 decomposition reaction Methods 0.000 title description 5
- 238000000034 method Methods 0.000 claims abstract description 16
- 238000011478 gradient descent method Methods 0.000 claims abstract description 12
- 230000002159 abnormal effect Effects 0.000 claims description 12
- 238000004891 communication Methods 0.000 claims description 7
- 238000012545 processing Methods 0.000 claims description 5
- 230000005540 biological transmission Effects 0.000 claims description 2
- 238000013499 data model Methods 0.000 claims description 2
- 230000008569 process Effects 0.000 claims description 2
- 230000005856 abnormality Effects 0.000 claims 1
- 238000010295 mobile communication Methods 0.000 abstract description 3
- 230000006870 function Effects 0.000 description 15
- 238000007726 management method Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 5
- 238000011160 research Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 230000018109 developmental process Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 230000003679 aging effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 238000013480 data collection Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000013508 migration Methods 0.000 description 1
- 230000005012 migration Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0893—Assignment of logical groups to network elements
Abstract
The invention relates to a network slice physical node anomaly detection method based on SVDD, and belongs to the technical field of mobile communication. In a network slice scene, a network slice deployment and VNF observation data generation model is adopted, unsupervised anomaly detection and VNF observation data sharing are considered, a network slice physical node anomaly detection model which is deployed on each network slice manager in a distributed mode is constructed, VNF observation data are processed in the slices in a distributed mode through a random approximation function, and finally, a random gradient descent method is adopted to achieve distributed online physical node anomaly detection. The method and the device can realize the physical node abnormity detection by utilizing the virtual network function observation data and ensure that the observation data is processed in the slice, thereby solving the problem of information leakage worried by a VNF operator.
Description
Technical Field
The invention belongs to the technical field of mobile communication, and relates to a method for detecting physical node abnormity in a network slicing scene.
Background
With the rapid development of mobile internet technology, next-generation communication systems are being researched to meet more diversified business requirements. One of the major driving forces in the development of mobile communication systems is the need to support various vertical industries, which have distinct business requirements and more diverse business scenarios. The architecture method adopted by the traditional network cannot meet the diversified performance requirements of the vertical market in the aspects of delay, expandability, usability and reliability. How to serve multiple services with different performance requirements on the same underlying physical network arises from the network slicing technology.
The network slice divides a physical network into a plurality of virtual networks, each virtual network can be customized and optimized for specific types of application programs or users, and shared physical network resources are dynamically and efficiently allocated to each logic network slice according to changing user requirements. Technologies such as Software Defined Networking (SDN) and Network Function Virtualization (NFV) can provide operators with the characteristics of programmability, flexibility, and modularity required to create multiple virtual Network slices. The network slices are combined by Virtual Network Functions (VNFs) according to user scenarios or Service models, to form an ordered VNF set, i.e., a Service Function Chain (SFC).
Network slices add complexity to network management, especially where a large number of network slices are deployed, and thus are critical to automated management of network slices. The automatic management of the network slice is realized, and firstly, the abnormity in the network slice can be quickly detected.
Aiming at the prior art, the following defects are found: the existing network slice research mainly aims at the problems of deployment and migration of service function chains, and some researches aim at the problem of abnormal detection of VNFs. Although an anomaly in the underlying physical node in a network slice may cause performance degradation in all network slices deployed on it, few studies have been directed to anomaly detection for the underlying physical node; the conventional network slice anomaly detection research mostly adopts a mode of centralized processing of observation data in a network, and the research introduces extra communication overhead in the network, so that the communication occupies bandwidth resources in the network and brings more time cost; an off-line training mode frequently adopted for the research of machine learning in the network slice anomaly detection conflicts with the dynamic deployment characteristic of the VNF, and the detection model has obvious aging effect, namely the reduction of the detection performance under the condition that the dynamic update cannot be realized.
Disclosure of Invention
In view of this, an object of the present invention is to provide a method for detecting an anomaly of a physical node in distributed online network slices, which can effectively utilize VNF observation information to implement bottom-layer anomaly detection of the physical node, avoid sharing VNF observation data among slices, and dynamically update a detection model.
In order to achieve the purpose, the invention provides the following technical scheme:
a network slice physical node anomaly detection method based on SVDD (singular value decomposition) comprises the steps of generating an observation data model by adopting network slice deployment and a Virtual Network Function (VNF) under a network slice scene, combining unsupervised anomaly detection and VNF observation data network slice sharing, constructing a network slice physical anomaly detection model which is distributed and deployed on each network slice manager, realizing distributed processing of VNF observation data in each slice through a random approximate function, and finally realizing distributed online physical node anomaly detection by adopting a random gradient descent method.
Further, the network slice deployment and VNF generating a model of observation data specifically includes: the bottom layer physical network consists of M physical nodes which are communicated with each other, and N VNFs mapped on the physical nodes M in the network are total; there are three types of network slices deployed onto a physical network: an SFC corresponding to an Enhanced Mobile Broadband (EMBB) network slice consists of 6 VNFs, an SFC corresponding to an Ultra Reliable Low Latency Communication (URLLC) network slice consists of 5 VNFs, and an SFC corresponding to a Mass Machine Type Communication (MMTC) network slice consists of 4 VNFs; each network slice manager collects the observation data of VNF in the slice and at the time tThe observed data for physical node m is s (t) ═ x1(t),x2(t),…,xN(t))TWherein x isnAnd (t), N is 1,2, …, and N is an observation data vector of the nth VNF deployed on the physical node m at the time t, and is composed of a flow rate, a queuing delay, a processing delay and a protocol type.
Further, the constructing of the network slice physical node anomaly detection model which is distributed and deployed on each network slice manager specifically includes: carrying out distributed parameter updating on the model for generating observation data by network slice deployment and VNF (virtual network function), and obtaining a virtual network element a through multiple iterations*=a1(t)=a2(t)=…=aN(t) is the center of the sphere, R*=R1(t)=R2(t)=…=RN(t) is the radius, ξ*=ξ1(t)=ξ2(t)=…=ξn(t) hypersphere in random feature space for relaxation variables; wherein, an(t)、Rn(t)、ξn(t) respectively updating the parameters in the network slice corresponding to the nth VNF at the time t to obtain the sphere center, the radius and the relaxation variable of the hypersphere in the random feature space; a is*、R*And ξ*Is a distributed updated hypersphere center a in each network slice after multiple iterationsn(t) radius Rn(t) and a slack variable ξn(t) converging the obtained values, in which process the hypersphere defined by the updated parameters in each network slice gradually coincides into the same hypersphere.
Further, the stochastic feature space refers to the observation data x of the original VNF by a stochastic approximation function z (-) in the random spacen(t) high dimensional space to which the original observation data x is mappedn(t) is mapped as z (x)n(t))={z1(xn(t)),…,zD(xn(t))]TWherein D is the dimension of the random feature space;
the hypersphere adopts a support vector data description model to update the parameter a for each network slice manager to VNF observation datan(t),Rn(t),ξn(t), N is a hypersphere defined by 1,2, …, N, eachThe hypersphere parameters on the network slice manager may be different in the initial stage;
relaxation variable ξn(t) is x in order to allow feature spacen(t) mapping z (x)n(t)) and the spherical center of the hypersphere an(t) is greater than the radius R of the hyperspheren(t) is defined in the present invention as ξn(t)>0。
The distributed mode refers to that VNF observation data are distributed and collected and stored by the network slice managers to which the VNFs belong, and are distributed and processed in the network slice managers, and transmission of VNF original observation data among slices does not exist.
Further, the parameter updating specifically includes: parameter a within each network slicen(t)、Rn(t)、ξn(t) updates were all done using a random gradient descent, but with respect to the relaxation variable ξn(t) during updating, the value of the update is required to be ensured to be positive after each updating, so that the result is corrected after each updating; to ensure updated a within each slicen(t)、Rn(t) and ξn(t) final convergence to a common hypersphere parameter a*、R*And ξ*When the physical node is in normal operation state, the parameters a need to be shared among the network slicesn(t),Rn(t),ξn(t) the distributed parameter update in each network slice requires the result of the distributed parameter update at the previous time in all other slice managers.
Further, the random gradient descent method specifically includes: updating the radius R of the hypersphere by a random gradient descent method in each network slice managern(t) and the center of sphere an(t) and a slack variable ξn(t), after the updating is completed, calculating a distributed discriminant function:
wherein sgn is a sign function; if g (x)n(t)). 1, VNFn observation data x at time tn(t) locating within the hypersphere obtained from the updating of the parameters in the random feature space; if g (x)n(t))=-1,X is thenn(t) is located outside the hypersphere.
Further, the distributed online physical node anomaly detection specifically includes: distributed parameter updating is finished on the network slice manager corresponding to each VNF, the real-time decision module judges the running state of the physical node at the current moment according to the distributed discrimination function, the negative influence of abnormal data on model training is considered, and the parameters of observation data updating when the running state of the physical node is abnormal are discarded.
Further, the real-time decision module specifically includes: distributively updating the resulting parameter g (x) according to each network slice managern(t)) judgment
Whether or not it is equal to N, if
The running state of the physical node at the time t is normal, if so, the physical node is in a normal running state
The running state of the physical node is abnormal at the moment t; wherein, N is the number of VNFs deployed on a target physical node, and the target physical node is the physical node detected by the method;
if the physical node is in normal operation state, using each distributed parameter a at the current momentn(t),Rn(t),ξn(t) continuing to update the parameters of the random gradient descent method at the next moment; if the current physical node running state is abnormal, discarding the parameter a at the time tn(t),Rn(t),ξn(t) let an(t)=an(t-1),Rn(t)=Rn(t-1),ξn(t)=ξnAnd (t-1) continuing to update the parameters of the random gradient descent method at the next moment.
The invention has the beneficial effects that: according to the invention, the influence of the abnormal operation state of the physical node on the performance of the whole slice network is concerned according to the sharing characteristic of the underlying network of the network slice, and a physical node abnormal detection model based on support vector data description is provided; in order to solve the technical confidentiality and security protection problems faced by the sharing of original observation data slices of a Virtual Network Function (VNF), a distributed anomaly detection model is provided, VNF observation data are processed in a distributed mode in each slice through a random approximation Function, and finally a distributed online physical node anomaly detection method is provided by adopting random gradient descent. Therefore, the invention can realize the physical node abnormity detection by using the virtual network function observation data and simultaneously ensure that the observation data is processed in the slice, thereby solving the problem of information leakage worried by a VNF operator.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objectives and other advantages of the invention may be realized and attained by the means of the instrumentalities and combinations particularly pointed out hereinafter.
Drawings
For the purposes of promoting a better understanding of the objects, aspects and advantages of the invention, reference will now be made to the following detailed description taken in conjunction with the accompanying drawings in which:
FIG. 1 is a schematic diagram of a network slice deployment scenario in the present invention;
FIG. 2 is a schematic view of an observation data collection method according to the present invention;
FIG. 3 is a schematic block diagram of a distributed online anomaly detection method according to the present invention;
FIG. 4 is a flow chart of a distributed online anomaly detection method according to the present invention.
Detailed Description
The embodiments of the present invention are described below with reference to specific embodiments, and other advantages and effects of the present invention will be easily understood by those skilled in the art from the disclosure of the present specification. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It should be noted that the drawings provided in the following embodiments are only for illustrating the basic idea of the present invention in a schematic way, and the features in the following embodiments and examples may be combined with each other without conflict.
Referring to fig. 1 to 4, a network slice physical node anomaly detection method based on SVDD is disclosed, which provides a model of network slice deployment and observation data generated by VNF for the problem of anomaly detection in a network slice scene; by combining the consideration of unsupervised anomaly detection and VNF observation data network slice sharing, a network slice physical anomaly detection model which is distributed and deployed on each network slice manager is provided; further, a distributed online physical node anomaly detection method based on random gradient descent is provided.
Fig. 1 is a schematic diagram of a network slice deployment scenario in this embodiment. Referring to fig. 1, after receiving a service request, a network slice management and orchestrator may flexibly deploy a network slice on an underlying physical network according to different service requirements. The infrastructure management module is responsible for managing the underlying physical resources needed for network slice deployment.
Fig. 2 is a schematic diagram of a collection manner of VNF observation data used in this embodiment, and referring to fig. 2, infrastructure-level observation data may be obtained from an infrastructure management module, and includes physical node CPU occupancy, memory occupancy, disk throughput, network throughput, and the like. However, the VNF operation state is closely related to the operation state of the physical node, and data information such as a flow rate, a queuing delay, a processing delay, a protocol type, and the like can be observed through the VNF.
Fig. 3 is a schematic block diagram of a distributed online anomaly detection method in this embodiment, and the method is mainly divided into three parts:
a first part: each network slice manager realizes real-time collection of VNF observation data
A second part: and the abnormal detection parameter updating module which is distributed on each network slice manager realizes local parameter updating in the slice.
And a third part: and a physical node management module in the infrastructure manager realizes real-time abnormal decision according to the parameters transmitted by each distributed parameter updating module, judges the running state of the physical node and selects the mode of updating the next parameter according to the running state of the physical node.
FIG. 4 is a schematic flow chart of a distributed online anomaly detection method according to the present invention, which includes the following steps:
step 401: initializing distributed model parameters at the moment t-0;
step 402: t is t + 1;
step 403: the method comprises the steps of collecting observation data of all VNFs on a target physical node at the moment t in a distributed mode;
step 404: a distributed parameter updating module in each network slice manager calculates a random approximate value of the VNF observation data according to a random approximate function;
step 405: a distributed parameter updating module in each network slice manager calculates the gradient of each parameter at the current moment;
step 406: each network slice manager calculates the current moment model parameters according to the random gradient descent;
step 407: each network slice manager calculates g (x)n(t));
Step 408: the physical node management module updates the obtained g (x) according to each network slice managern(t)) deciding the physical node operation state;
step 409: and if the running state of the physical node is normal, directly returning to the step 401, otherwise, discarding the parameter at the current moment, and then returning to the step 401.
Finally, the above embodiments are only intended to illustrate the technical solutions of the present invention and not to limit the present invention, and although the present invention has been described in detail with reference to the preferred embodiments, it will be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions, and all of them should be covered by the claims of the present invention.
Claims (8)
1. A network slice physical node anomaly detection method based on SVDD is characterized in that in a network slice scene, a network slice deployment and Virtual Network Function (VNF) are adopted to generate an observation data model, unsupervised anomaly detection and VNF observation data network slice sharing are considered, a network slice physical node anomaly detection model which is deployed on each network slice manager in a distributed mode is constructed, VNF observation data are processed in the distributed mode in each slice through a random approximate function, and finally, a random gradient descent method is adopted to achieve distributed online physical node anomaly detection.
2. The method according to claim 1, wherein the network slice deployment and VNF generating a model of observation data specifically comprises: the bottom layer physical network consists of M physical nodes which are communicated with each other, and N VNFs mapped on the physical nodes M in the network are total; there are three types of network slices deployed onto a physical network: an SFC corresponding to an Enhanced Mobile Broadband (EMBB) network slice consists of 6 VNFs, an SFC corresponding to an Ultra Reliable Low Latency Communication (URLLC) network slice consists of 5 VNFs, and an SFC corresponding to a Mass Machine Type Communication (MMTC) network slice consists of 4 VNFs; each network slice manager collects observation data of VNF in the slice, and the observation data of the physical node m at time t is s (t) ═ x1(t),x2(t),…,xN(t))TWherein x isnAnd (t), N is 1,2, …, and N is an observation data vector of the nth VNF deployed on the physical node m at the time t, and is composed of a flow rate, a queuing delay, a processing delay and a protocol type.
3. The method according to claim 1, wherein the constructing of the network slice physical node abnormality detection model which is distributively deployed on each network slice manager specifically includes: carrying out distributed parameter updating on the model for generating observation data by network slice deployment and VNF for multiple timesIterate to obtain a*=a1(t)=a2(t)=…=aN(t) is the center of the sphere, R*=R1(t)=R2(t)=…=RN(t) is the radius, ξ*=ξ1(t)=ξ2(t)=…=ξn(t) hypersphere in random feature space for relaxation variables; wherein, an(t)、Rn(t)、ξn(t) respectively updating the parameters in the network slice corresponding to the nth VNF at the time t to obtain the sphere center, the radius and the relaxation variable of the hypersphere in the random feature space; a is*、R*And ξ*Is a distributed updated hypersphere center a in each network slice after multiple iterationsn(t) radius Rn(t) and a slack variable ξn(t) converging the obtained values, in which process the hypersphere defined by the updated parameters in each network slice gradually coincides into the same hypersphere.
4. The SVDD-based network slice physical node anomaly detection method as claimed in claim 3, wherein the stochastic feature space is obtained by fitting raw VNF observation data x through a stochastic approximation function z (-) ton(t) high dimensional space to which the original observation data x is mappedn(t) is mapped as z (x)n(t))=[z1(xn(t)),…,zD(xn(t))]TWherein D is the dimension of the random feature space;
the hypersphere adopts a support vector data description model to update the parameter a for each network slice manager to VNF observation datan(t),Rn(t),ξn(t), N is hypersphere defined by 1,2, …, N, hypersphere parameters on each network slice manager are different in the initial stage;
the distributed mode refers to that VNF observation data are distributed and collected and stored by the network slice managers to which the VNFs belong, and are distributed and processed in the network slice managers, and transmission of VNF original observation data among slices does not exist.
5. The method of claim 3A network slice physical node anomaly detection method based on SVDD is characterized in that the parameter updating specifically comprises the following steps: parameter a within each network slicen(t)、Rn(t)、ξn(t) updating all adopt a random gradient descent method to the relaxation variable ξn(t) during updating, the value is required to be ensured to be positive after each updating; when the physical node running state is normal, the parameters a need to be shared among all network slicesn(t),Rn(t),ξn(t) the distributed parameter update in each network slice requires the result of the distributed parameter update at the previous time in all other slice managers.
6. The method for detecting the anomaly of the network slice physical node based on the SVDD according to claim 1, wherein the stochastic gradient descent method specifically comprises: updating the radius R of the hypersphere by a random gradient descent method in each network slice managern(t) and the center of sphere an(t) and a slack variable ξn(t), after the updating is completed, calculating a distributed discriminant function:
wherein sgn is a sign function; if g (x)n(t)). 1, VNFn observation data x at time tn(t) locating within the hypersphere obtained from the updating of the parameters in the random feature space; if g (x)n(t)) -1, then xn(t) is located outside the hypersphere.
7. The method according to claim 6, wherein the distributed online detection of the anomaly of the physical node in the network slice based on the SVDD specifically comprises: distributed parameter updating is finished on the network slice manager corresponding to each VNF, the real-time decision module judges the operation state of the physical node at the current moment according to the distributed discrimination function, and parameters of observation data updating when the operation state of the physical node is abnormal are discarded.
8. The method according to claim 7, wherein the real-time decision module specifically comprises: distributively updating the resulting parameter g (x) according to each network slice managern(t)) judgment
Whether or not it is equal to N, if
The running state of the physical node at the time t is normal, if so, the physical node is in a normal running state
The running state of the physical node is abnormal at the moment t; wherein N is the number of VNFs deployed on the target physical node;
if the physical node is in normal operation state, using each distributed parameter a at the current momentn(t),Rn(t),ξn(t) continuing to update the parameters of the random gradient descent method at the next moment; if the current physical node running state is abnormal, discarding the parameter a at the time tn(t),Rn(t),ξn(t) let an(t)=an(t-1),Rn(t)=Rn(t-1),ξn(t)=ξnAnd (t-1) continuing to update the parameters of the random gradient descent method at the next moment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010107298.1A CN111371742B (en) | 2020-02-21 | 2020-02-21 | SVDD (singular value decomposition and direct data decomposition) -based network slice physical node anomaly detection method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010107298.1A CN111371742B (en) | 2020-02-21 | 2020-02-21 | SVDD (singular value decomposition and direct data decomposition) -based network slice physical node anomaly detection method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111371742A true CN111371742A (en) | 2020-07-03 |
| CN111371742B CN111371742B (en) | 2022-04-29 |
Family
ID=71212438
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010107298.1A Active CN111371742B (en) | 2020-02-21 | 2020-02-21 | SVDD (singular value decomposition and direct data decomposition) -based network slice physical node anomaly detection method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111371742B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112887145A (en) * | 2021-01-27 | 2021-06-01 | 重庆邮电大学 | Distributed network slice fault detection method |
| CN114423035A (en) * | 2022-01-12 | 2022-04-29 | 重庆邮电大学 | Service function chain abnormity detection method under network slice scene |
| WO2022237778A1 (en) * | 2021-05-10 | 2022-11-17 | 华为技术有限公司 | Anomaly detection method, communication apparatus and communication system |
| CN116506327A (en) * | 2023-06-26 | 2023-07-28 | 中航金网(北京)电子商务有限公司 | Physical node monitoring method, device, computer equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107231384A (en) * | 2017-08-10 | 2017-10-03 | 北京科技大学 | A kind of ddos attack detection defence method cut into slices towards 5g networks and system |
| CN108173708A (en) * | 2017-12-18 | 2018-06-15 | 北京天融信网络安全技术有限公司 | Anomalous traffic detection method, device and storage medium based on incremental learning |
| US20180316543A1 (en) * | 2017-04-28 | 2018-11-01 | Electronics And Telecommunications Research Institute | Apparatus and method for managing integrated platform of wired and mobile communication services |
| CN110275758A (en) * | 2019-05-09 | 2019-09-24 | 重庆邮电大学 | A kind of virtual network function intelligence moving method |
| US20200028862A1 (en) * | 2018-07-17 | 2020-01-23 | International Business Machines Corporation | Distributed machine learning for anomaly detection |
-
2020
- 2020-02-21 CN CN202010107298.1A patent/CN111371742B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180316543A1 (en) * | 2017-04-28 | 2018-11-01 | Electronics And Telecommunications Research Institute | Apparatus and method for managing integrated platform of wired and mobile communication services |
| CN107231384A (en) * | 2017-08-10 | 2017-10-03 | 北京科技大学 | A kind of ddos attack detection defence method cut into slices towards 5g networks and system |
| CN108173708A (en) * | 2017-12-18 | 2018-06-15 | 北京天融信网络安全技术有限公司 | Anomalous traffic detection method, device and storage medium based on incremental learning |
| US20200028862A1 (en) * | 2018-07-17 | 2020-01-23 | International Business Machines Corporation | Distributed machine learning for anomaly detection |
| CN110275758A (en) * | 2019-05-09 | 2019-09-24 | 重庆邮电大学 | A kind of virtual network function intelligence moving method |
Non-Patent Citations (1)
| Title |
|---|
| 王涛等: ""软件定义网络及安全防御技术研究"", 《通信学报》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112887145A (en) * | 2021-01-27 | 2021-06-01 | 重庆邮电大学 | Distributed network slice fault detection method |
| WO2022237778A1 (en) * | 2021-05-10 | 2022-11-17 | 华为技术有限公司 | Anomaly detection method, communication apparatus and communication system |
| CN114423035A (en) * | 2022-01-12 | 2022-04-29 | 重庆邮电大学 | Service function chain abnormity detection method under network slice scene |
| CN114423035B (en) * | 2022-01-12 | 2023-09-19 | 北京宇卫科技有限公司 | Service function chain abnormality detection method in network slice scene |
| CN116506327A (en) * | 2023-06-26 | 2023-07-28 | 中航金网(北京)电子商务有限公司 | Physical node monitoring method, device, computer equipment and storage medium |
| CN116506327B (en) * | 2023-06-26 | 2023-11-24 | 中航金网(北京)电子商务有限公司 | Physical node monitoring method, device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111371742B (en) | 2022-04-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111371742B (en) | SVDD (singular value decomposition and direct data decomposition) -based network slice physical node anomaly detection method | |
| Yan et al. | Automatic virtual network embedding: A deep reinforcement learning approach with graph convolutional networks | |
| Pei et al. | Optimal VNF placement via deep reinforcement learning in SDN/NFV-enabled networks | |
| CN111368888A (en) | Service function chain fault diagnosis method based on deep dynamic Bayesian network | |
| EP3241319A1 (en) | Systems and methods for sdt to interwork with nfv and sdn | |
| US11443230B2 (en) | Intrusion detection model for an internet-of-things operations environment | |
| Amiri et al. | Controller selection in software defined networks using best-worst multi-criteria decision-making | |
| Lombardo et al. | An analytical tool for performance evaluation of software defined networking services | |
| US10742678B2 (en) | Vulnerability analysis and segmentation of bring-your-own IoT devices | |
| US20230306311A1 (en) | Federated Learning Method and Apparatus, Device, System, and Computer-Readable Storage Medium | |
| CN112637883A (en) | Federal learning method with robustness to wireless environment change in power Internet of things | |
| CN115358487A (en) | Federal learning aggregation optimization system and method for power data sharing | |
| CN114363052B (en) | Method, device, equipment and medium for configuring security policy in network slice | |
| CN108459908A (en) | Identification to the incompatible cotenant pair in cloud computing | |
| WO2021008675A1 (en) | Dynamic network configuration | |
| WO2023172292A9 (en) | Zero-touch deployment and orchestration of network intelligence in open ran systems | |
| Mai et al. | Deep learning to predict the feasibility of priority-based Ethernet network configurations | |
| US11201789B1 (en) | Coordinated device grouping in fog computing | |
| CN113259145B (en) | End-to-end networking method and device for network slicing and network slicing equipment | |
| WO2018114016A1 (en) | Apparatus and method for identifying network object groups | |
| CN109302723B (en) | Multi-node real-time radio monitoring control method based on Internet | |
| CN113420791B (en) | Access control method and device for edge network equipment and terminal equipment | |
| Wang et al. | LRA-3C: Learning based resource allocation for communication-computing-caching systems | |
| WO2021180145A1 (en) | Methods and systems for data management in communication network | |
| CN114844666B (en) | Network traffic analysis and reconstruction method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20240402 Address after: 1003, Building A, Zhiyun Industrial Park, No. 13 Huaxing Road, Henglang Community, Dalang Street, Longhua District, Shenzhen City, Guangdong Province, 518000 Patentee after: Shenzhen Wanzhida Technology Transfer Center Co.,Ltd. Country or region after: China Address before: 400065 Chongqing Nan'an District huangjuezhen pass Chongwen Road No. 2 Patentee before: CHONGQING University OF POSTS AND TELECOMMUNICATIONS Country or region before: China |