摘要： 基于序贯频繁模式挖掘，提出并实现了一种宏观网络流量异常检测的方法。定义了一个新的频繁模式和相对应的异常度概念。对863-917网络安全监测平台提供的全国流量数据进行了实验，得出对应于“橙色八月”的2006年8月上旬流量严重异常的结论。通过与相关的其他传统算法进行对比，如使用绝对流量的算法和简单使用不同小时流量排名的算法，进一步说明序贯频繁模式对网络流量分析的实用性。

关键词: 宏观网络, 序贯频繁模式, 数据挖掘, 网络流量分析

Abstract: This paper presents and implements a macro-network traffic anomaly detection strategy based on sequential frequent pattern mining. The concepts of a new frequent pattern and the corresponding anomaly degree are given. Experiments are made on a real macro-network traffic data and a severe is found out anomaly and the model performs better than traditional approaches do, such as those use the bandwidth value directly or simply rank the bandwidth in different hours.

Key words: macro-network, sequential frequent pattern, data mining, network traffic analysis

中图分类号: 

• TP393