摘要
针对在NetFlow数据流的环境中,如何解决海量数据识别的问题,提出基于K层特征模型的异常流量识别算法。采用优先级策略依次打开索引表,读取异常行为,并与异常行为的特征值逐条匹配,匹配成功作标记,确定异常行为类型。实验结果表明,该算法能够快速有效地识别异常数据流,提高了海量数据识别的实效性,有效地解决了网络安全问题,达到设计目标。
This paper mainly addressed how to identify a mass of dada in NetFlow environment. It proposed an algorithm of abnormal flow identification based on dynamic K-layer feature model. With priority strategies, index table was opened reading the abnormal behavior and matching with eigenvalues one by one. When a match was done successfully, it was marked and the type of abnormal behavior was determined. The experimental result shows that it can identify the abnormal flow quickly and efficiently. It improves the efficiency of identification, and solves network security problems and achieves design goals.
出处
《计算机应用》
CSCD
北大核心
2012年第5期1397-1399,1414,共4页
journal of Computer Applications
基金
国家信息安全管理中心项目(2006C27)