-
公开(公告)号:KR101383069B1
公开(公告)日:2014-04-08
申请号:KR1020130059834
申请日:2013-05-27
Applicant: 한국전자통신연구원
CPC classification number: H04L63/1408 , H04L43/045
Abstract: The present invention relates to a device and a method for detecting network abnormality using cluster information and visually showing the detected result. For this purpose, the device for detecting network abnormality of the present invention includes: a packet collection unit for collecting packets transmitted and received in a network; a packet analysis unit for extracting predetermined attribute values of the packets, and generating attribute value vectors by vectorizing the attribute values; a grouping unit for generating a plurality of groups by grouping the attribute value vectors with predetermined size and interval; a clustering unit for generating clusters by clustering the groups; a cluster analysis unit for concluding analysis data by analyzing the clusters; and a determination unit for determining a state of the network based on the analysis data. [Reference numerals] (110) Packet collection unit; (120) Packet analysis unit; (130) Grouping unit; (140) Clustering unit; (150) Visualization unit; (160) Cluster analysis unit; (170) Determination unit
Abstract translation: 本发明涉及一种使用群集信息检测网络异常并在视觉上显示检测结果的装置和方法。 为此,本发明的网络异常检测装置包括:收集在网络中发送和接收的分组的分组收集单元; 分组分析单元,用于提取分组的预定属性值,并通过对属性值进行向量化来生成属性值向量; 分组单元,用于通过以预定大小和间隔对所述属性值向量进行分组来生成多个组; 用于通过聚类所述组来生成聚类的聚类单元; 聚类分析单元,用于通过分析聚类结束分析数据; 以及确定单元,用于基于分析数据确定网络的状态。 (附图标记)(110)分组收集单元; (120)分组分析单元; (130)分组单位; (140)聚类单元; (150)可视化单元; (160)聚类分析单元; (170)确定单位
Search Results
1
records
(took 0.017 seconds)
