摘要
随着互联网的飞速发展,网络安全问题受到越来越多的关注。作为一种重要的网络监管控制手段,流量异常检测技术也越来越受到人们的重视。目前流量异常检测方法有很多,基于熵的流量异常检测是近几年研究较多的一种方法。文中在基于熵的流量异常检测的基础上,先对两种算法进行编程实现,即基于信息熵的流量异常检测算法和基于联合熵的流量异常检测算法,而后对这两种算法进行实验测试与分析比较,结果表明基于联合熵的流量异常检测可以更为有效地检测出异常。同时根据分析结果,提出一种有效的检测流量异常的分析思路。
With the rapid development of Internet, the network security receives more and more attention. As one of the important means of network monitoring and control, the traffic anomaly detection technology has been realizing more important by people. Now there are many ways to detect the anomaly of the traffic, and the anomaly detection technology based on entropy is an important means in recent years. First the anomaly detection technology based on information entropy and the anomaly detection technology based on joint-entropy are programming realized in this paper, then make an experimental test and an analysis according to the two ways. It shows that the anom- aly detection technology based on joint-entropy is more effective, and then a valid analysis of ideas to detect the anomaly of traffic is pro- posed.
出处
《计算机技术与发展》
2013年第5期120-123,共4页
Computer Technology and Development
基金
"新一代宽带无线移动通信网"重大专项(2011ZX03002-005-03)
国家自然科学基金资助项目(61202428
60870015
60903150)
北京市自然科学基金项目(4122060)
关键词
异常检测
熵
联合熵
anomaly detection
entropy
joint-entropy
