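Network security technology relies mainly on firewalls, intrusion detection and similar measures, and rarely considers potentially destructive behavior from the perspective of network user behavior. To address this problem, NetFlow network traffic was collected and aggregated, and a data structure and statistical pattern representing user behavior features were designed. This yielded detailed information about the behavior and established a behavior database at a given time granularity. On the basis of the behavior database, a clustering mining algorithm suited to user behavior features was designed, a user behavior distance was defined, and the network behavior pattern of each user was determined. Experiments show that the designed algorithm can effectively mine users' network behavior and provides an effective basis for managing and analyzing user behavior.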
Most existing network security technologies focus mainly on firewalls and intrusion detection systems (IDS), and give less consideration to malicious network behavior from the angle of user behavior. To address this problem, the structure of user behavior features and the pattern of statistics were designed and defined, a user behavior database was set up, and detailed information on user behavior was obtained. The data were based on NetFlow collection and statistics. According to the information in the database, designed the cluste...