Jisuanji kexue (Mar 2023)

Network Equipment Anomaly Detection Based on Time Delay Feature

  • CUI Jingsong, ZHANG Tongtong, GUO Chi, GUO Wenfei

DOI
https://doi.org/10.11896/jsjkx.211200280
Journal volume & issue
Vol. 50, no. 3
pp. 371 – 379

Abstract

With the rapid development of the Internet, the security of network equipment has received extensive attention. To address the problem that existing network equipment anomaly detection technology is destructive and that detection is difficult, the paper uses the delay that network equipment spends transmitting and processing data packets as the basis for detection, and proposes an anomaly detection scheme based on delay characteristics. The proposed scheme adopts side-channel analysis and does not need to upgrade the equipment's software or hardware. It is non-intrusive and easy to implement. First, the method uses a high-precision timing technology, the time stamp machine, to collect the time delay information, and uses a genetic algorithm to extract the peak position feature of the delay distribution. Second, to solve the problem of data set imbalance, the method uses the one-class support vector machine algorithm to construct the anomaly detection algorithm. Finally, the validity of the method is verified by building an experimental platform, and the experimental results are evaluated. The experimental results show that the proposed method is feasible and effective.

Keywords