| 运用网络流量自相似分析的网络流量异常检测 |
| |
| 引用本文: | 第文军,薛丽军,蒋士奇.运用网络流量自相似分析的网络流量异常检测[J].兵工自动化,2003,22(6):28-31. |
| |
| 作者姓名: | 第文军 薛丽军 蒋士奇 |
| |
| 作者单位: | 电子科技大学,计算机学院,四川,成都,610054 |
| |
| 摘 要: | 网络流量自相似分析有聚集方差法、R/S分析法、周期图法和Whittle法.基于网络流量自相似分析的网络流量异常检测采用正常流量模型、对网络流量自相似性参数Hurst及其时变函数H(t)进行分析.对网络流量进行实时限幅及使用数据库统计,通过检测自相似性变化,判断网络流量是否异常.分布式拒绝服务攻击试验表明,此法比传统的基于特征匹配的网络流量异常检测法在识别精度与实时性上有较大提高.
|
| 关 键 词: | 入侵检测 网络流量 自相似性 分布式拒绝服务攻击 |
| 文章编号: | 1006-1576(2003)06-0028-04 |
| 修稿时间: | 2003年5月12日 |
Abnormity Detection of Network Traffic Applied Self-Similarity Analysis of Network Traffics |
| |
| DI Wen-jun,XUE Li-jun,JIANG Shi-qi.Abnormity Detection of Network Traffic Applied Self-Similarity Analysis of Network Traffics[J].Ordnance Industry Automation,2003,22(6):28-31. |
| |
| Authors: | DI Wen-jun XUE Li-jun JIANG Shi-qi |
| |
| Abstract: | Self-similarity analysis of network traffic (SSANT) includes aggregated variance, R/S analysis, periodic diagram and whittle methods. The normal model of network traffic was adopted in abnormity detection of network traffic based on SSANT. Self-Similarity Hurst parameter and time variable function H(t) of network traffics was analyzed. Network traffic was limited in real time and the abnormity characteristic was refined with database statistical analysis. Through detection of self-similarity change was measured, then determine whether the current traffic is normal. Attack test of distributed decline service shows that abnormity detection of network traffic based on SSANT is more reliable on the recognition of network traffic abnormity than any other traditional method based on character recognition. |
| |
| Keywords: | Intrude detection Network traffic Self-similarity analysis Distributed decline service |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《兵工自动化》浏览原始摘要信息 |
|
点击此处可从《兵工自动化》下载全文 |
