
Method of Internet Worms Attack Detection Based on Network Flow Self-similarity

Cited by: 1
Abstract: Internet worm attacks are highly damaging and difficult to defend against. Traditional worm detection based on feature matching depends on extracting worm signatures in advance, so it cannot detect attacks by unknown types of worms. This paper applies the Hurst parameter, which characterizes the self-similarity of network traffic, to worm attack detection, and detects attacks by unknown types of worms through changes in the Hurst parameter. Experiments show that the method can effectively detect attacks in the network by unknown types of worms that propagate by active scanning.
Source: Modern Electronics Technique (《现代电子技术》), 2011, No. 4, pp. 113-115 (3 pages)
Funding: Grant No. 贵大自青基合字[2009]028
Keywords: Internet worms; attack detection; network flow; self-similarity