摘要
建立一套行之有效的网络病毒预警体系,是尽早发现新型网络病毒,并控制其蔓延的有力举措;针对网络病毒发作时会产生大量新IP地址数据包这一特点,采用CUSUM算法对其统计特性进行实时监控,及时发现异常变化,从而对网络病毒进行实时报警,根据统计量的特点,提出了可调的参数设定方法,以更加适应网络环境。通过在计算机上的模拟测试,证明该算法对网络病毒具有较高的检测精度与速度,且运算开销小,代码简单,可以嵌入到网络设备中。
It is an important way to build an operatively precaution architecture for finding the new network virus and controlling its infection timely, Aiming at the increaseof the new IP addresses contained in packets when the network viruses outbreak, employing the CUSUM (Cumulative SUM) algorithm to trace their statistics characteristic in real time and detect its abnormity, so that the network virus alarm can be given in time. According to the characteristics of statistics, the paper puts forward an adjustable parameter setup system to increasethe adaptive capacity to network. Simulation experiments indicate that the algorithm has the higher detecting accuracy and speed and spends less system resources, and can be embedded into network devices for its simple codes.
出处
《计算机测量与控制》
CSCD
2006年第8期1116-1118,共3页
Computer Measurement &Control