期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于流感知的复杂网络应用识别模型 被引量:2

Flow-awared identification model of sophisticated network application
下载PDF
导出
摘要 ;传统协议识别技术多以单网络流为识别手段,不能应对复杂网络应用多服务、多协议等特性,因此在面对复杂网络应用识别时严重失效。针对复杂网络应用的识别难题,提出了一种流感知模型,从空间、时间和流量3个维度来刻画复杂网络应用的通信特性,深度分析并挖掘了复杂网络应用的行为和状态特征;基于此模型,提出了一套快速识别复杂网络应用的方法和架构。实验结果表明,流感知模型能有效识别复杂网络应用,具有良好的识别效果。 Traditional methods of protocol identification, which is mainly based on individual flow, lose their effective- ness as dealing with sophisticated network applications. A novel model of identifying sophisticated network applications, called flow-aware model, is addressed. This proposed model abstracts the characteristics of sophisticated network appli- cations from spatial dimension, time dimension and flow dimension, and provides the detailed analysis and deeply mining in characteristics of behaviors and states. Based on this model, a framework and method of sophisticated network appli- cations identification is proposed. The experimental results demonstrate that the proposed method can achieve the pur- pose of identifying sophisticated network applications effectively.
作者 张洛什 王大伟 薛一波
机构地区 哈尔滨理工大学计算机科学与技术学院 国家计算机网络应急技术处理协调中心 清华大学信息技术研究院 清华大学信息科学与技术国家实验室
出处 《通信学报》 EI CSCD 北大核心 2015年第3期188-196,共9页 Journal on Communications
基金 国家科技支撑计划基金资助项目(2012BAH46B04)~~
关键词 协议识别 行为分析 流感知 复杂网络应用 protocol identification behavior analysis flow aware sophisticated network application
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献21

  • 1IANA[EB/OL]. http://www.iana.org/.
  • 2SEN S, SPATSCHECK O, WANG D. Accurate, scalable in network identification of P2P traffic using application signatures[A]. Proceed- ings of the 13th international conference on World Wide Web[C]. New York, USA, 2004.512-521.
  • 3KARAGIANNIS T, BROIDO A, BROWNLEE N, et al. Is P2P dying or just hiding?[A]. Proceedings of the 47th annual IEEE Global Tele- communications Conference[C]. Dallas, USA, 2004.1532-1538.
  • 4HU C C, YI T, CHEN X F. et al. Per-flow queueing by dynamic queue sharing[A]. Proceedings of the 26th IEEE International Conference on Computer Communications[C]. Anchorage, Alaska, 2007. 1613-1621.
  • 5SOMMER R, PAXSON Enhancing byte-levelnetwork intrusion detection signatures with context[A]. Proceedings of the 10th ACM Conference on Computer and Communications Decurity (CCS 2003)[C]. Chicago, USA, 2003. 262-271.
  • 6SMTICH R, ESTAN C, ]HA S. XFA: faster signaturematching with extended automata[A]. Proceedings of the 2008 IEEE Symposium on Security and Privacy (sp 2008)[C]. Oakland, USA, 2008. 187-201.
  • 7JAMES E, CARLA B, CATHERINE Behavioral authentication of server flows[A]. Proceedings of the 19th Annual Computer Security AlaDlications ConferencelC]. 2003.46-55.
  • 8王一鹏,云晓春,张永铮,李书豪.基于主动学习和SVM方法的网络协议识别技术[J].通信学报,2013,34(10):135-142. 被引量:13
  • 9AULD T, MOORE ANDREW W, STEPHEN F. Bayesian neural net- works for Internet traffic classification[J]. IEEE Trans Neural Net-works, 2007,18(1): 223-239.
  • 10YANG B H, HOU G D, RUAN L Y, et al. SMILER: towards proacti- cal online traffic classification[A]. Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Svstems[C]. DC. USA. 2011. 178-188.

二级参考文献40

  • 1王益丰,李涛,胡晓勤,宋程.一种基于人工免疫的网络安全实时风险检测方法[J].电子学报,2005,33(5):945-949. 被引量:30
  • 2陈秀真,郑庆华,管晓宏,林晨光.层次化网络安全威胁态势量化评估方法[J].软件学报,2006,17(4):885-897. 被引量:341
  • 3Yu F,Chen Z,Diao Y et al.Fast and memory-efficient regular expression matching for deep packet inspection//Proceedings of the 2006 ACM/IEEE Symposium on Architecture for Networking and Communications Systems.San Jose,California,USA,2006:93-102.
  • 4Yatagai T,Isohara T,Sasase I.Detection of HTTP-GET flood attack based on analysis of page access behavior//Proceedings of the 2007 IEEE Pacific Rim Conference on Communications.Computers and Signal Processing.Victoria,Canada,2007:232-235.
  • 5Floyd S.Random early detection gateways for congestion avoidance.IEEE/ACM Transactions on Networking,1993,1(4):397-413.
  • 6TC:http://www.linuxfoundation.org/en/Net:Iproute2.
  • 7Mahoney M V,Chan P K.An analysis of the 1999 DARPA/Lincoln Laboratory evaluation data for network anomaly detection//Proceedings of the 6th International Symposium on Recent Advances in Intrusion Detection.Pittsburgh,PA,USA,2003:220-237.
  • 8Wang K,Stolfo S J.Anomalous payload-based network intrusion detection//Proceedings of the 7th International Symposium on Recent Advances in Intrusion Detection.Sophia Antipolis,France,2004:203-222.
  • 9方滨兴.解读信息安全创新突破点.http://www.cert.org.cn/articles/news/common/2007051823317,shtml,2007.
  • 10Wang B,Zhu P,Wen Q et al.A honeynet-based firewall scheme with initiative security strategies//Proceedings of the 2009 International Symposium on Computer Network and Multimedia Technology.Wuhan,China,2009:1-4.

共引文献38

同被引文献11

引证文献2

二级引证文献6

通信学报
2015年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部