A Method for Detecting Wide-scale Network Traffic Anomalies
Author: Wang Minghua (National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT/CC), Beijing 100029, China). ZTE Communications, 2007, No. 4, pp. 19-23 (5 pages).
Network traffic anomalies refer to traffic that changes abnormally and obviously. Local events such as temporary network congestion, Distributed Denial of Service (DDoS) attacks and large-scale scans, or global events such as abnormal network routing, can cause network anomalies. Network anomaly detection and analysis are very important to Computer Security Incident Response Teams (CSIRT). But wide-scale traffic anomaly detection requires extracting anomalous modes from large amounts of high-dimensional, noise-rich data and interpreting the modes, so it is very difficult. This paper proposes a general method based on Principal Component Analysis (PCA) to analyze network anomalies. This method divides the traffic matrix into normal and anomalous subspaces, maps traffic vectors into the normal subspace, gets the distance from the detected vector to the average normal vector, and detects anomalies based on that distance.
Keywords: A Method for Detecting Wide-scale network traffic Anomalies DDOS Security PCA