Computer Science ›› 2016, Vol. 43 ›› Issue (3): 163-166. doi: 10.11896/j.issn.1002-137X.2016.03.031
QIU Wei (邱卫) and YANG Ying-jie (杨英杰)
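Abstract: Existing methods do not consider the nonlinear dynamic characteristics of linkage network traffic and cannot effectively distinguish normal linkage service traffic from abnormal attack traffic. To address these problems, an anomaly detection method for linkage traffic based on the cusp catastrophe model is proposed. By analyzing and extracting the nonlinear dynamic characteristic parameters of linkage network traffic, a cusp catastrophe model of normal traffic is established. The equilibrium surface of the model is used to describe the behavior of the network traffic system, and the equilibrium surface of normal network traffic behavior is constructed. The degree to which network traffic behavior deviates from the normal equilibrium surface is then taken as the basis for anomaly detection. Experimental results show that the proposed method has a high detection rate and a low false alarm rate.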