基于精细流量的网络异常行为检测研究

Network Anomaly Detection based Fine Traffic Analysis

随着Internet的快速发展和网络应用范围的不断扩大,网络日益遭受到了黑客更多的恶意攻击,计算机网络的安全问题已成为一个国际化的问题。面对诸多的挑战与威胁,入侵的检测与防范技术必然成为当前安全审计中的核心技术之一。文章首先介绍了异常检测的发展概况和相关技术,对常用的检测算法进行了分析和评价,为基于网络精细协议流量分析的网络异常实时检测方法的研究提供理论基础。

With the rapid development of lnternet and the constant enlargement of network application range, network suffers more and more malicious attacks from hackes. The security of computer and network has already become an internationalized problem. In the face of so many challenges and threats, the technology of intrusion detection and intrusion defense is bound to become one of the key technologies in the current security audit. This paper briefs the develop- ment and related technologies of the anomaly detection, analyzes and evaluates the conventional detection algorithms, thus providing a theoretical foundation for research of detection method based on the fine traffic analysis.