Approach to Anomaly Traffic Detection in a Local Network

Approach to Anomaly Traffic Detection in a Local Network

下载PDF

导出

摘要 The research intends to solve the problem of the occupation of bandwidth of local network by abnormal traffic which affects normal user's network behaviors.Firstly,a new algorithm in this paper named danger-theory-based abnormal traffic detection was presented.Then an advanced ID3 algorithm was presented to classify the abnormal traffic.Finally a new model of anomaly traffic detection was built upon the two algorithms above and the detection results were integrated with firewall.The firewall limits the bandwidth based on different types of abnormal traffic.Experiments show the outstanding performance of the proposed approach in real-time property,high detection rate,and unsupervised learning. The research intends to solve the problem of the occupation of bandwidth of local network by abnormal traffic which affects normal user＇s network behaviors. Firstly, a new algorithm in this paper named danger-theory-based abnormal traffic detection was presented. Then an advanced ID3 algorithm was presented to classify the abnormal traffic. Finally a new model of anomaly traffic detection was built upon the two algorithms above and the detection results were integrated with firewall. The firewall limits the bandwidth based on different types of abnormal traffic. Experiments show the outstanding performance of the proposed approach in real-time property, high detection rate, and unsupervised learning.

作者王秀英肖立中邵志清

机构地区 Department of Computer Information School of Information Science and Engineering Department of Computer Science and Information Engineeting

出处《Journal of Donghua University(English Edition)》 EI CAS 2009年第6期656-661,共6页 东华大学学报（英文版）

基金 Shanghai Education Commission Foundation for Excellent Young High Education Teachers,China(No.xqz05001 No.YYY-07008)

关键词 clanger theory information enlropy ID3 algorithm abnormal traffic 流量检测网络异常 ID3算法异常流量网络带宽无监督学习网络行为交通异常

分类号 TP393.07 [自动化与计算机技术—计算机应用技术] TH814 [机械工程—精密仪器及机械]

引文网络
相关文献

参考文献2

1李涛.基于免疫的网络监控模型[J].计算机学报,2006,29(9):1515-1522. 被引量：52
2吴冰,云晓春,陈海永.基于统计的网络流量模型及异常流量发现[J].高技术通讯,2007,17(10):1007-1012. 被引量：2

二级参考文献37

1Butler D.. Computer security: Who's been looking at your data? Nature, 2002, 418:580-582
2Albert R. , Jeong H. , Barabasi A. L.. Diameter of the worldwide Web. Nature, 1999, 401:130-131
3Balthrop J. , Forrest S. , Newman M. E. J. , Williamson M.M.. Technological networks and the spread of computer viruses. Science, 2004, 304(5670): 527-529
4Staniford S. , Paxson V. , Weaver N.. How to own the internet in your spare time. In: Proceedings of the 11th USENIX Security Symposium, San Francisco Marriott, 2002, 149-167
5Morda D.. Public monitoring. In: Proceedings of the 16th FIRST Conference on Computer Security Incident Handling Response, Budapest, 2004, 81-88
6Albert R. , Jeong H. , Barabasi A.L.. Attack and error tolerance of complex networks. Nature, 2002, 406:378-382
7Klarreich E.. Inspired by Immunity, Nature, 2002, 415:468-470
8Forrest S. , Perelson A. S.. Self-nonself discrimination in a computer. In; Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, 1994, 202-213
9Hofmeyr S. , Forrest S.. Architecture for an artificial immune system. Evolutionary Computation, 2000, 8(4): 443-473
10Harmer P. K. , Williams P. D. , Gunsch G. H. , Lamont G. B.An artificial immune system architecture for computer security applications. IEEE Transactions on Evolutionary Computation,2002, 6(3): 252-280

共引文献52

1赵丰,赵端正.基于危险免疫模型的入侵检测算法研究[J].赤峰学院学报（自然科学版）,2008,24(10):25-27.
2张宏琳,王小明.基于生物免疫原理的网络蠕虫免疫模型[J].计算机科学与探索,2007,1(1):95-107.
3孙飞显,刘晓洁,李涛,赵奎,胡晓勤,曾金全.基于家族基因的网络访问控制模型[J].计算机工程,2007,33(12):37-39.
4童健华,谭洪舟.一种基于人工免疫网络的文本聚类算法[J].计算机工程与科学,2007,29(10):17-19. 被引量：1
5黄磊,黄迪明.基于Multi-memory机制的克隆选择算法及其在模式识别中的应用[J].计算机应用,2008,28(1):112-115. 被引量：1
6许春,刘晓洁,李涛,赵辉,刘念,刘孙俊.一种基于危险信号的拒绝服务入侵检测方法[J].四川大学学报（工程科学版）,2007,39(5):116-120. 被引量：5
7黄磊,黄迪明.一种面向数据分析的新型人工免疫模型研究[J].计算机应用,2008,28(2):307-310.
8王磊,董菡,银彩燕.基于免疫机制的智能反垃圾邮件过滤器的研究[J].计算机科学,2008,35(4):60-62.
9银彩燕,王磊.基于免疫机制的通用访问控制框架[J].计算机工程,2008,34(16):198-200.
10宋建邦,赵鑫,贺红.网络入侵诱骗系统的设计与实现[J].电脑编程技巧与维护,2008(13):94-95.

1方晓莹,黄林伟,刘富强.ITS中基于视频的交通异常情况检测[J].计算机工程与应用,2006,42(36):212-215. 被引量：5
2方晓莹,王小君.基于视频的智能交通异常检测系统[J].微型机与应用,2010,29(6):35-38. 被引量：2
3Li Layuan Wuhan Transportation University, 430063, P. R. China.A Transport Protocol and Its Formal Description for Local Networks[J].Journal of Systems Engineering and Electronics,1998,9(1):48-55. 被引量：1
4LI Zhanchun LI Zhitang LIU Bin.Anomaly Detection System Based on Principal Component Analysis and Support Vector Machine[J].Wuhan University Journal of Natural Sciences,2006,11(6):1769-1772. 被引量：1
5杨健,欧阳志友.Adhoc网络Internet接入的动态QoS研究[J].计算机应用与软件,2012,29(11):61-64. 被引量：1
6王玉玲,任永功.一种利用不完整数据检测交通异常的方法[J].计算机科学,2016,43(S1):425-429. 被引量：4
7靳燕.检测未知攻击的数据预处理算法研究[J].山西师范大学学报（自然科学版）,2013,27(4):23-26. 被引量：1
8史振华,刘外喜,杨家烨.SDN架构下基于ICMP流量的网络异常检测方法[J].计算机系统应用,2016,25(4):135-142. 被引量：8
9Yi David Wang.Anomaly in China's Dollar-RMB Forward Market[J].China & World Economy,2010,18(2):96-120. 被引量：4
10温晓岳,邱淳风,王浩,李建元.基于微波数据的城市交通异常度计算方法[J].计算机时代,2015(6):48-52.

Journal of Donghua University(English Edition)

2009年第6期

浏览历史

内容加载中请稍等...

Approach to Anomaly Traffic Detection in a Local Network

参考文献2

二级参考文献37

共引文献52

相关作者

相关机构

相关主题

浏览历史