摘要
研究网络数据在分布式存储下的相关性,有利于入侵检测整体的学习和指导优化数据的存储。重点研究了网络传输过程中各种类型数据的流量的这种相关性,提出了一种基于分布式统计(DS)的时间序列分析方法:根据网络协议间的关系将数据包分组,分析数量关系并给出报警阈值。仿真实验结果表明,该方法能较好地发现各种网络攻击。
Studying relationship of distributed storage data would be conductive to the overall intrusion detection learning,thus this relationship could not only be used for intrusion detection learning algorithm,but also supervise to optimize data's storage. According to the analysis focused on relationship of network traffic in the distributed storage, a method based on distributed statistical time series was proposed. According to the relationship of network protocol, this method could group data packet, thus analyzed quantity relationship and gave alarm threshold. The experiment results show that the method can be used to detect network attacks.
出处
《计算机科学》
CSCD
北大核心
2010年第7期110-114,共5页
Computer Science
基金
教育部高校博士点基金(20060183043)资助
关键词
入侵检测
时间序列
分布式统计
网络流量
Intrusion detection,Time series,Distributed statistical,Network traffic
