摘要： 湍流尺度分析中的对数无限可分级串方法具有描述数据流全范围下的多尺度行为的优点，可用于对网络流量的多尺度行为的分析。在对几组正常流量和含蠕虫的异常流量分析讨论的基础上，发现受数据流内含协议数据的成分变化的影响，正常流量的多尺度分段点具有不确定性；而受W32/Blaster 蠕虫影响的数据流的尺度特性符合幂律关系，即尺度不变性；W32/Nachi 蠕虫不影响TCP 数据流的尺度特性。

关键词: 对数无限可分级串；扩展自相似性；尺度；异常网络流量

Abstract: The log-infinitely divisible cascades method in scale analysis of turbulence could describe the multi-scale behavior of data in full range,which is used to study the scale behavior of network traffic. Based on the discussions on several datasets of normal and abnormal traffics, it is learned that the joint of multi-scale of normal traffic is not a certain value because of the influences made by the percentages of components with different TCP protocols. And the structure functions of traffic with worm W32/Blaster have the power law on scales, while traffic with worm W32/Nachi has little effect on the scales of TCP component.

Key words: Log-infinitely divisible cascades; Extended self-similarity; Scale; Abnormal network traffic