期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于Hurst参数评估的网络异常检测方法的研究 被引量:2

Research on method of network abnormal detection based on Hurst parameter estimation
下载PDF
导出
摘要 真实的网络流量普遍存在统计上的自相似性,因此传统的基于泊松过程和马尔科夫模型等已不能反映实际测量的流量。针对传统检测方法存在的问题,将基于Hurst参数评估应用到DoS攻击检测中,由H参数变化来检测DoS攻击。通过分析DARPA 1998入侵检测数据表明,基于该法的Hurst参数评估能够检测到DoS攻击,此法比传统的基于特征匹配的网络流量异常检测法在检测精度上有较大提高。 Most researches regard the real traffic has self-similarity, so traditional model based possion or Markov can't adapt to the real traffic. In order to resolve these problems, the estimation is used based on Hurst parameter to detect DoS attack, researching on the affect of Hurst parameter change brought by DoS attack. By analyzing the 1998 DARPA intrusion detection evaluation dataset show that this method detect DoS attack, and is more reliable on the recognition of all kinds of DoS attack than any other method based on measure precision.
作者 毛蓝 刘渊 马书南
机构地区 江南大学信息工程学院
出处 《计算机工程与设计》 CSCD 北大核心 2007年第8期1785-1787,共3页 Computer Engineering and Design
基金 国防预研基金项目(A1420061266)
关键词 网络流量 异常检测 自相似性 HURST参数 拒绝服务攻击 network traffic abnormal detection self-similarity Hurst parameter denial of service attack
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献10

  • 1Kendall K.A database of computer attacks for the evaluation of intrusion detection systems[D].Boston:Massachusetts Institute of Technology,1999.
  • 2Park K,Willinger W.Self-similar network traffic:An overview,self-similar network traffic and performance evaluation[C],New York:Wiley-Interscience,2000.1-39.
  • 3Morris R,Lin D.Variance of aggregated web traffic[C].Proceedings of IEEE INFOCOM 2000.360-366.
  • 4Kettani H.A novel approach to the estimation of the long-range dependence parameter[D].University of Wisconsin-Madison,2000.
  • 5Abry P,Flandrin P,Taqqu MS,et al.Wavelets for the analysis,estimation and synthesis of scaling data[Z].Boston,2000.134-156.
  • 6王成,刘金刚,刘汉武.网络中突发业务自相似建模及其Hurst系数估计[J].计算机工程,2006,32(2):101-103. 被引量:9
  • 7张雪芹,顾春华,林家骏.入侵检测技术的挑战与发展[J].计算机工程与设计,2004,25(7):1096-1099. 被引量:14
  • 8Park K,Willinger W.Self-similar network traffic:An overview self-similar network traffic and performance evaluation[M].New York:John Wiley and Sons,2000.
  • 9张建忠,徐敬东,练书成,辛颖.可扩展的异常检测系统的研究与实现[J].计算机工程与设计,2005,26(7):1722-1725. 被引量:1
  • 10彭新光,马晓丽.会话属性优化的网络异常检测模型[J].计算机工程与设计,2005,26(11):2945-2948. 被引量:2

二级参考文献23

  • 1Forrest S, Hofmeyr S A, Somayaji A. A sense of self for unix processes [J]. IEEE Transactions on Software Engineering,1996,13(2):222-232.
  • 2Lee W, Xiang D. Information-theoretic measures for anomaly detection[C]. Oakland, CA, USA:Proc of the 2001 IEEE Symposium on Security and Privacy,2001.130-143.
  • 3William W Cohen. Fast effective rule induction[C]. Proc of the12th International Conference on Machine Learning, Lake Taho,CA, Morgan Kaufmann, 1995. 115-123.
  • 4Ghosh A, Wanken J, Charron F. Detecting anomalous and unknown intrusions against program[C].Proc of the 14th Annual Computer Security Applications Conference, Scottsdale, AZ,1998.259-267.
  • 5Rebecca Bace, Peter Mell. Intrusion detection system[DB/CD].NIST Special Publication on Intrusion Detection System.
  • 6韩海东 王超 李群.入侵检测系统实例分析[M].北京:清华大学出版社,2002..
  • 7Andreas Wespi, Giovanni Vigna, Luca Deri(Eds). 5th international symposium, RAID 2002 [C]. New York: Springer-Verlag Berlin Heidelberg, 2002.
  • 8Juan M Est&ez-Tapiador, Pedro Garci a-Teodoro, Jesus E Di az-Verdejo. Measuring normality in HTTP traffic for anomaly-based intrusion detection[J].International Journal of Computer and Telecommunications Networking, 2004, 45(2): 175-193.
  • 9Wenke Lee, Sal Stolfo. A Framework for constructing feature and models for intrusion detection systems[J]. ACM Transactions on Information and System Security, 2000, 3(4): 227-261.
  • 10Matthew V Mahoney, Philip K Chan. An Analysis of the 1999 DARPA/lincoln laboratories evaluation data for network anomaly detection[C]. Berlin Germany: Springer, Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection, Lecture Notes in Computer Science, 2003. 220-237.

共引文献22

同被引文献19

引证文献2

二级引证文献4

计算机工程与设计
2007年 第8期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部