摘要
针对高速骨干网中海量数据动态变化性和异常流量难以被识别的问题,提出一种基于异常流量粗粒度检测的自适应抽样方法。首先,在ASTUTE模型基础之上设计了异常流量粗粒度检测算法;接着,在对所有流进行初步的异常流量检测之后,进一步对检测到和未检测到的异常流量采取不同的抽样方法;然后,在OMNe T++仿真平台上构建了DDo S攻防仿真模型并予以实现。仿真实验验证了算法的有效性。仿真结果表明,与单独的自适应抽样和分组抽样算法相比,提出的自适应抽样算法在精确度相同时,可以减少抽样报文数;在抽样报文数相同时,可以提高短流的抽样精度。
For the dynamic changes of massive data and the difficulty in identifying abnormal traffic in high-speed backbone network,this paper proposed an adaptive sampling method based on anomaly traffic coarse-grained detection. Firstly,it designed an anomaly traffic coarse-grained detection algorithm based on ASTUTE. Secondly,it took a different sampling method for the abnormal flow detected or not after initial anomaly detection of all flows. Lastly,it established and achieved a DDo S attack and defense simulation model with OMNe T + + simulation platform. Simulation experiment verifies the effectiveness of the algorithm. Simulation results show that,compared with the single packet sampling and adaptive sampling,adaptive sampling method proposed in this paper can reduce the number of sampling packets in terms of accuracy is the same,and improve the accuracy of short flows in terms of sampling packets in the same.
出处
《计算机应用研究》
CSCD
北大核心
2015年第10期3052-3055,3059,共5页
Application Research of Computers
关键词
异常流量
粗粒度检测
抽样技术
自适应抽样
短时间尺度下的不相关流量均衡
abnormal flow
coarse-grained detection
sampling techniques
adaptive sampling
short-timescale incorrelated-traffic equilibrium(ASTUTE)
