ABSTRACT

Network attacks, intrusion detection, and intrusion prevention are important topics in cyber security. Network flows and system events generate big data, which often leads to challenges in intrusion detection with high efficiency and good accuracy. This paper focuses on the ‘Volume’, ‘Veracity’, and ‘Variety’ of big data characteristics in network traffic and attacks. Datasets with various data types including numerical data and categorical data (such as status or flag data) are analyzed with the help of R language and its functions. Data duplicates detection and removal, missing values detection, and data quality analysis are also performed. The analysis of masquerades for various users is conducted. In addition, the correlation analysis of variables and a clustering analysis based on k-means are also performed.

摘要

网络攻击、入侵检测和入侵防御是网络安全中的重要主题。网络流量和系统事件产生的大数据往往给入侵检测带来高效、准确的挑战。本文重点关注网络流量和攻击中大数据特征的“数量”、“真实性”和“多样性”。借助R语言及其函数分析具有各种数据类型的数据集，包括数值数据和分类数据（例如状态或标志数据）。还执行数据重复检测和删除、缺失值检测和数据质量分析。对各种用户的伪装进行了分析。此外，变量的相关分析和基于k的聚类分析-手段也被执行。