Journal article

Abnormal Network Behavior Detection Technology Based on Statistical Learning (cited by 6)
Abstract: Advanced persistent threats (APT) have become the primary security threat to enterprise users. Traditional defenses based on signature detection and perimeter protection are insufficient against APT attacks. This paper therefore surveys the current state of network anomaly behavior detection, analyzes the technical roadmap and system architecture of detection based on statistical learning, and, taking typical APT stages such as the command-and-control channel and data acquisition as examples, describes the corresponding parameter extraction and statistical modeling methods. It summarizes the characteristics of anomaly detection built on big data and points out directions for further research.
Author: Zhou Tao (周涛)
Source: Big Data Research (《大数据》), 2015, No. 4, pp. 38-47 (10 pages)
Keywords: big data; security analysis; abnormal behavior detection; statistical learning
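The abstract names the command-and-control (C2) channel and data acquisition as the APT stages whose parameters are extracted and modeled statistically. The following is an added example written for this page, not code from the paper: it groups constructed flow records by (source, destination, port) channel, extracts two parameters per channel (inter-arrival times and bytes out), and applies two simple statistics, the coefficient of variation of inter-arrival times to expose beacon-like periodicity and a median/MAD test to expose a volume spike on the same channel. The flow records, IP addresses and thresholds (`min_flows`, `max_cv`, `k`) are assumptions.

```python
"""Added example: statistical detection of a periodic C2 beacon and a
volume spike from flow records. Illustrative only; data is constructed."""
from collections import defaultdict
from statistics import mean, median, pstdev
from typing import Dict, List, Tuple

# (timestamp_seconds, src_ip, dst_ip, dst_port, bytes_out)
Flow = Tuple[float, str, str, int, int]
Channel = Tuple[str, str, int]


def constructed_flows() -> List[Flow]:
    """Constructed sample flows (not real traffic)."""
    flows: List[Flow] = []
    # Beacon: 10.0.0.5 -> 203.0.113.7:443 roughly every 60 s, small payloads.
    jitter = [0, 1, -1, 2, 0, -2, 1, 0, -1, 1, 0, 2]
    for i, j in enumerate(jitter):
        flows.append((1000.0 + 60 * i + j, "10.0.0.5", "203.0.113.7", 443, 400 + 10 * (i % 3)))
    # One large upload over the same channel: an exfiltration-like volume spike.
    flows.append((1000.0 + 60 * 12, "10.0.0.5", "203.0.113.7", 443, 52000))
    # Benign browsing: irregular, human-paced intervals and varied sizes.
    gaps = [5, 90, 12, 300, 45, 7, 180, 22, 60, 15]
    t = 1000.0
    for k, g in enumerate(gaps):
        t += g
        flows.append((t, "10.0.0.8", "198.51.100.3", 443, 1500 + 300 * k))
    return flows


def group_by_channel(flows: List[Flow]) -> Dict[Channel, List[Flow]]:
    """Parameter extraction step: group flows per (src, dst, dst_port), time-ordered."""
    groups: Dict[Channel, List[Flow]] = defaultdict(list)
    for f in flows:
        groups[(f[1], f[2], f[3])].append(f)
    return {ch: sorted(fs, key=lambda f: f[0]) for ch, fs in groups.items()}


def interarrival_cv(timestamps: List[float]) -> Tuple[float, float]:
    """Mean inter-arrival time and its coefficient of variation (stdev / mean)."""
    gaps = [b - a for a, b in zip(timestamps, timestamps[1:])]
    m = mean(gaps)
    return m, (pstdev(gaps) / m if m > 0 else float("inf"))


def detect_beacons(flows: List[Flow], min_flows: int = 8, max_cv: float = 0.15):
    """Flag channels whose inter-arrival times are nearly constant.
    Returns (channel, mean_interval, cv) tuples. Thresholds are assumptions."""
    hits = []
    for ch, fs in group_by_channel(flows).items():
        if len(fs) < min_flows:
            continue  # too few samples for a stable statistic
        m, cv = interarrival_cv([f[0] for f in fs])
        if cv <= max_cv:
            hits.append((ch, m, cv))
    return hits


def detect_volume_outliers(flows: List[Flow], k: float = 6.0) -> List[Flow]:
    """Flag flows whose bytes_out exceed median + k * MAD within their channel.
    Median/MAD are robust to the outlier itself; when every flow has the same
    size (MAD == 0) fall back to 10% of the median as the scale."""
    hits: List[Flow] = []
    for ch, fs in group_by_channel(flows).items():
        sizes = [f[4] for f in fs]
        med = median(sizes)
        mad = median([abs(s - med) for s in sizes])
        scale = mad if mad > 0 else max(1.0, 0.1 * med)
        for f in fs:
            if f[4] > med + k * scale:
                hits.append(f)
    return hits


if __name__ == "__main__":
    fl = constructed_flows()
    for ch, m, cv in detect_beacons(fl):
        print(f"beacon candidate {ch}: interval ~{m:.1f}s, cv={cv:.3f}")
    for f in detect_volume_outliers(fl):
        print(f"volume outlier {f[1]}->{f[2]}:{f[3]} bytes={f[4]} at t={f[0]:.0f}")
```

On the constructed data only the 10.0.0.5 channel is reported as a beacon (about 60 s, cv around 0.03) and only the 52000-byte flow as a volume outlier. Two practitioner caveats: periodicity alone also flags legitimate update checks and monitoring agents, so destination reputation or an allow-list is needed before alerting; and an implant that randomizes its sleep widely will push the cv above `max_cv`, so bounded-jitter beacons need a statistic that tolerates spread, such as autocorrelation of the arrival series, rather than a tighter threshold.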

References (7)

1. APTnotes. https://github.com/kbandla/APTnotes
2. McCusker O, Brunza S, Dasgupta D. Deriving behavior primitives from aggregate network features using support vector machines. Proceedings of the IEEE 5th International Conference on Cyber Conflict (CyCon), 2013.
3. Yen T F, Oprea A, Onarlioglu K, et al. Beehive: large-scale log analysis for detecting suspicious activity in enterprise networks. Proceedings of the 29th Annual Computer Security Applications Conference (ACSAC), 2013.
4. Hutchins E M, Cloppert M J, Amin R M. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues in Information Warfare & Security Research, 2011.
5. Bhatt P, Toshiro Yano E, Gustavsson P M. Towards a framework to detect multi-stage advanced persistent threats attacks. 2014 IEEE 8th International Symposium on Service Oriented System Engineering (SOSE), 2014.
6. Kim M S, Kang H J, Hong S C, et al. A flow-based method for abnormal network traffic detection. IEEE/IFIP Network Operations and Management Symposium (NOMS), 2004.
7. García-Teodoro P, Díaz-Verdejo J, Maciá-Fernández G, Vázquez E. Anomaly-based network intrusion detection: techniques, systems and challenges. Computers & Security, 2008(1).

Co-cited references: 1

Co-citing references: 48

Citing articles: 6

Second-level citing articles: 124
