I. Introduction
The rapid development of Internet technology has made network security issues increasingly prominent. Abnormal traffic detection is one of the effective means to discover potential network threats and reduce the harm of network attacks [1]. Network traffic anomaly detection technology is to extract useful network traffic identification features from the data information flow, and build and establish classification models through modeling methods. According to these classification models, the network traffic can be analyzed and evaluated as to whether the network traffic is normal or not, and finally given results of abnormal traffic identification.