In order to improve the accuracy of detecting the new P2P(peer-to-peer)botnet,a novel P2P botnet detection method based on the network behavior features and Dezert-Smarandache theory is proposed.It focuses on the netw...In order to improve the accuracy of detecting the new P2P(peer-to-peer)botnet,a novel P2P botnet detection method based on the network behavior features and Dezert-Smarandache theory is proposed.It focuses on the network behavior features,which are the essential abnormal features of the P2P botnet and do not change with the network topology,the network protocol or the network attack type launched by the P2P botnet.First,the network behavior features are accurately described by the local singularity and the information entropy theory.Then,two detection results are acquired by using the Kalman filter to detect the anomalies of the above two features.Finally,the above two detection results are fused with the Dezert-Smarandache theory to obtain the final detection results.The experimental results demonstrate that the proposed method can effectively detect the new P2P botnet and that it considerably outperforms other methods at a lower degree of false negative rate and false positive rate,and the false negative rate and the false positive rate can reach 0.09 and 0.12,respectively.展开更多
针对超声波传感器测量过程中方位角存在不确定性的问题,提出了一种基于超声反射波到达时间(Time of Arrival,TOA)的目标距离及方位角的测量方法,并据此发展了基于超声探测的环境感知方法 .基于混合高斯拟合对回波信号进行处理,消除了信...针对超声波传感器测量过程中方位角存在不确定性的问题,提出了一种基于超声反射波到达时间(Time of Arrival,TOA)的目标距离及方位角的测量方法,并据此发展了基于超声探测的环境感知方法 .基于混合高斯拟合对回波信号进行处理,消除了信号串扰问题,提高了目标距离和方位信息的测量精度.基于传感器波束角的特性,实现了不同距离下目标的同时测量.通过引入“不确定度”,构建信度分配函数,采用DSmT(Dezert-Smarandache Theory)方法进行数据融合,实现地图更新.搭建了实验装置与实验环境,并对相关方法进行了实验验证,实验结果表明,通过135次测量即可实现对环境基本轮廓的建图,建图误差在3 cm以内.展开更多
基金The National High Technology Research and Development Program of China(863 Program)(No.2011AA7031024G)the National Natural Science Foundation of China(No.61133011,61373053,61472161)
文摘In order to improve the accuracy of detecting the new P2P(peer-to-peer)botnet,a novel P2P botnet detection method based on the network behavior features and Dezert-Smarandache theory is proposed.It focuses on the network behavior features,which are the essential abnormal features of the P2P botnet and do not change with the network topology,the network protocol or the network attack type launched by the P2P botnet.First,the network behavior features are accurately described by the local singularity and the information entropy theory.Then,two detection results are acquired by using the Kalman filter to detect the anomalies of the above two features.Finally,the above two detection results are fused with the Dezert-Smarandache theory to obtain the final detection results.The experimental results demonstrate that the proposed method can effectively detect the new P2P botnet and that it considerably outperforms other methods at a lower degree of false negative rate and false positive rate,and the false negative rate and the false positive rate can reach 0.09 and 0.12,respectively.