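Application of the Decision Tree Algorithm in Botnet Detection
Abstract
In recent years, botnets have attracted close attention in the information security field. Existing IRC botnet detection algorithms either require prior knowledge or cannot achieve lightweight, real-time processing, and most of them cannot meet the needs of large-scale network detection. This paper therefore mainly uses botnet nicknames, applying a decision tree algorithm to analyze and classify them in order to detect whether a botnet is present.
Source
《通讯世界》
2016, Issue 8, pp. 51-51 (1 page)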
Telecom World