【作者】 陆萍；

【导师】 白似雪；

【作者基本信息】 南昌大学 ， 计算机应用技术， 2008， 硕士

【摘要】 随着网络规模不断扩大,网络结构日益复杂,如何保证网络高效、稳定运行,已经成为网络管理的重要问题。正确的网络告警相关性分析可以提高网络管理效率,辅助网络管理人员过滤无关告警,删除冗余告警,定位和预测网络故障。本文将序列模式挖掘方法应用到网络告警分析中,研究基于频繁模式增长的告警序列模式挖掘,以及网络情景规则更新挖掘等重要问题,本文研究重点及其研究成果主要体现在以下几方面:1、数据预处理对数据后续挖掘效率以及挖掘结果影响很大,本文针对告警数据特点,研究并设计告警数据预处理模型,能够将冗余、含噪音的原始告警数据转化为适合序列模式挖掘的告警序列数据库。2、深入分析基于频繁模式增长的告警挖掘算法—FSPM-FP,针对其存在的告警序列偏序关系难确定的问题,提出一种改进的模式树构造方法,同时修改告警挖掘过程,降低了树的存储空间。3、针对目前告警序列选择条件单一(支持度和置信度)情况,提出一种带拓扑关系判断的网络情景规则挖掘算法—MNER-TP,算法引入告警序列拓扑关系判断,可过滤掉频繁但相关性小的告警序列,只保留频繁又相关性大的告警序列,提高了挖掘结果精度。4、在分析基于频繁模式更新挖掘算法基础上,研究基于顺序模式的告警更新挖掘算法,对所有告警采用统一排序,能够减少模式树更新过程中频繁的节点交换操作,以此提高更新效率;最后分别给出了支持数和数据变化两种情况的更新挖掘方法。更多还原

【Abstract】 As the network becomes large scale and its construction goes complex, it has become an important problem how to ensure the network run with high-effect and stabilization. Alarm correlation analysis is key issue for network management, which can assist network administrators filter useless alarm, delete redundancy alarm, orientate and forecast network fault, improves the efficiency of network management.In this thesis, we apply sequence pattern mining technology to network alarm correlation analysis and study alarm sequence pattern mining based on frequent pattern growth and network episode rules update etc important issues. The research and innovation are described in details as follows:1、Data pretreatment has deep influence on mining efficiency and result. Aming at the character of alarm data, we bring forward a data pretreatment model for translating the redundancy and noise original alarm data into alarm sequence database that is suitable for sequence pattern mining.2、Analyse alarm mining algorithm-FSPM-FP deeply which based on frequent pattern growth, owing to the problem of alarm sequence partial order doubtfully, an modification method for pattern tree construction is presented. At the same time, we also make some modifications in mining process, it can not only resolve this problem, moreover memory space of tree is been reduced.3、To deal with the problem that the single support-confidence condition to select frequent alarm sequence modes, bring forward a new mining algorithm-MNER-TP which based on network topology relationship. Due to the algorithm introduce the judgement of alarm sequence topology relationship, so it can filte high frequence but less relativity, and reserve high frequence and much more relativity alarm sequences, improve the precise of mining result.4、Research the updata frequent sequence pattern mining algorithm, then we bring forward an alarm update mining algorithm based on order pattern tree. It adopt an unification order for all the alarms so as to improve the efficiency of updating, which can avoid exchanging nodes continually in mining process.The algorithm is able to deal with support count change and alarm data renovate two kinds condition.更多还原