Found 18 similar documents; search took 218 ms
1.
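In recent years, circumvention behavior has emerged that can bypass network filtering to access prohibited foreign information. Research on and control of circumvention behavior is of great practical significance. Traffic classification has long been a research focus in network measurement in China and abroad, and has achieved good results in P2P detection. This work applies the support vector machine technique from the traffic classification field to detecting the behavior of the circumvention software Freegate. Experimental results show that the method achieves a high detection rate on traffic generated by circumvention behavior, providing a new approach for effectively monitoring it.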
2.
3.
4.
5.
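This paper surveys the state of research, in China and abroad, on key technologies for high-speed network security protection based on a gridded information network, from three aspects: high-speed network security monitoring devices and protocol identification, high-speed network intrusion prevention (IPS), and high-speed network anomalous traffic and behavior detection. It identifies research directions for the system architecture of integrated security monitoring devices for high-speed backbone networks; security metadata classification, specification and description techniques; security monitoring support technologies; intrusion prevention; and anomalous traffic and behavior detection.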
6.
7.
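Cao Peng, Head of the Solutions Business Unit, Neusoft Network Security Marketing Center. In-depth traffic analysis: enterprises run a wide variety of network devices, which produce traffic information at different layers, such as flow data, SNMP information, raw packets and BGP routes. In-depth analysis of the network often requires a product to have a signature library of anomalous behavior and to quickly identify anomalous behavior hidden in traffic through signature matching, content inspection, protocol analysis, behavior analysis and similar techniques, while also allowing administrators to customize anomaly thresholds so as to add detection signature entries that fit the customer's actual network environment. Different attacks call for classified detection techniques: anomaly detection for anomalous traffic such as denial-of-service attacks and worm outbreaks, signature matching for attacks with well-defined signatures, and an antivirus engine for detecting viruses…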
8.
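Host-based P2P traffic detection and control scheme. Total citations: 6, self-citations: 5, citations by others: 1
P2P traffic has gradually become an important component of Internet traffic. While it has greatly driven the Internet forward, it has also brought problems such as network congestion caused by excessive resource consumption and security risks, hindering normal network services. Because P2P uses techniques such as dynamic ports, the traditional port-mapping approach is no longer effective for identifying P2P traffic, and how to effectively monitor and control P2P traffic is an important research topic in network measurement. This paper introduces the various P2P traffic identification methods along with their advantages and disadvantages, then proposes a new detection and control strategy: host-based P2P traffic detection and control. Experimental results and analysis show that the method detects P2P traffic fairly effectively and offers better detection accuracy and control.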
9.
10.
11.
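As an important branch of computer vision, abnormal behavior recognition and detection has been widely applied in intelligent security, medical monitoring, traffic control and other fields. How abnormal behavior is defined and judged is closely tied to scene factors; choosing feature extraction and abnormal behavior recognition and detection methods suited to the characteristics of each application scenario, and thereby ensuring alert accuracy, is crucial in practice. On this basis, this paper surveys video-based methods for recognizing and detecting abnormal human behavior. First, it gives the definition, characteristics and classification of abnormal human behavior. Second, it summarizes feature extraction methods, since the choice of method and the quality of the extracted features directly affect the subsequent judgment. Third, it analyzes and discusses abnormal behavior judgment methods from the two perspectives of abnormal behavior recognition and abnormal behavior detection, and presents commonly used abnormal behavior detection datasets and the performance of related algorithms. Finally, it offers an outlook on future research directions in the field.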
12.
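Advanced persistent threats (APT) are today the foremost threat to industrial control network security, yet traditional industrial intrusion detection systems based on signature matching often fail to detect the newest APT attacks. Existing researchers hold that theft of sensitive data is one of the important goals of APT attacks. To accurately identify the data-theft behavior of APT attacks, this work studies in depth the TCP session flow features of communication between compromised hosts and Control and Command (C&C) servers during the data-theft stage, adopts deep flow inspection, and proposes an SVM classification and detection algorithm based on a weighted combination of multiple feature spaces to detect anomalous APT session flows. Experiments show that deep flow inspection detects covert APT attacks well, and that the SVM classification and detection algorithm based on a weighted combination of multiple feature spaces achieves higher detection accuracy and a lower false-positive rate than traditional single-classifier detection, advancing research in industrial control network security.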
13.
14.
Human Activity Recognition (HAR) from video data collections is the core application in vision tasks and has a variety of utilizations including object detection applications, video-based behavior monitoring, video classification and indexing, patient monitoring, robotics, and behavior analysis. Although many techniques are available for HAR in video analysis tasks, most of them do not focus on behavioral analysis. Hence, a new HAR system that analyzes the behavioral activity of a person based on a deep learning approach is proposed in this work. The most essential aim of this work is to recognize the complex activities that are useful in many tasks that are based on object detection, modelling of individual frame characteristics, and communication among them. Moreover, this work focuses on finding out the human actions from various video resolutions, invariant human poses, and nearness of multiple objects. First, we identify the key and essential frames of each activity using histogram differences. Secondly, Discrete Wavelet Transform (DWT) is used in this system to extract coefficients from the sequence of key-frames where the activity is localized in space. Finally, an Adaptive Weighted Flow Net (AWFN) algorithm is proposed in this work for effective video activity recognition. Moreover, the proposed algorithm has been evaluated by comparing it with the existing Visual Geometry Group (VGG-16) convolutional neural networks for making performance comparisons. This work focuses on competent deep learning-based feature extraction to discriminate the activities for performing the classification accuracy. The proposed model has been evaluated with VGG-16 using a combination of regular UCF-101 activity datasets and also on very challenging low-quality videos such as HMDB51. From these investigations, it is proved that the proposed AWFN approach gives a higher detection accuracy of 96%. It is approximately 0.3% to 7.88% higher in accuracy than state-of-the-art methods.
15.
Delgado N., Gates A.Q., Roach S. 《IEEE transactions on pattern analysis and machine intelligence》2004,30(12):859-872
A goal of runtime software-fault monitoring is to observe software behavior to determine whether it complies with its intended behavior. Monitoring allows one to analyze and recover from detected faults, providing additional defense against catastrophic failure. Although runtime monitoring has been in use for over 30 years, there is renewed interest in its application to fault detection and recovery, largely because of the increasing complexity and ubiquitous nature of software systems. We present a taxonomy that developers and researchers can use to analyze and differentiate recent developments in runtime software fault-monitoring approaches. The taxonomy categorizes the various runtime monitoring research by classifying the elements that are considered essential for building a monitoring system, i.e., the specification language used to define properties; the monitoring mechanism that oversees the program's execution; and the event handler that captures and communicates monitoring results. After describing the taxonomy, the paper presents the classification of the software-fault monitoring systems described in the literature.
16.
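Vision-based multi-object tracking has important applications in intelligent surveillance, action and behavior analysis, autonomous driving, virtual reality, entertainment interaction and other fields, and in recent years has increasingly become a research focus in computer vision. In power facilities, moreover, personnel activity needs to be tracked in real time, which aids safety protection. To address multi-object detection and segmentation in video, this work improves on the original Mask-RCNN algorithm by introducing optical flow analysis and video key-frame extraction, greatly shortening the per-frame detection time without changing detection accuracy. Experimental results show that, compared with the original Mask-RCNN algorithm, the improved Mask-RCNN algorithm greatly shortens detection time; compared with other object tracking algorithms, it improves the recognition and segmentation of object instances in video, with a significant gain in segmentation accuracy, meeting the needs of multi-object tracking in video and offering practical value for improving object tracking in multi-object scenes.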
17.
18.
Hossain Shahriar, Mohammad Zulkernine 《Journal of Systems and Software》2011,84(2):250-269
Software applications (programs) are implemented in a wide variety of languages and run on different execution environments. Programs contain vulnerabilities which can be detected before their deployment. Nevertheless, there exist some program vulnerabilities which do not surface until a program is operational. No matter how much effort has been put in during the development phases, building large vulnerability-free programs has proven extremely difficult in practice. Given that, it is very important to have a tool that can be used for online monitoring of programs in the operational stage. The tool can help to mitigate the consequences of some vulnerability exploitations by early detection of attacks at runtime. Currently, many monitoring approaches have been proposed and applied in practice. However, there is no classification of these approaches to understand their common characteristics and limitations. In this paper, we present a taxonomy and classification of the state-of-the-art approaches employed for monitoring program vulnerability exploitations (or attacks). We first classify the existing approaches based on a set of characteristics which are common in online attack detection approaches. Then, we present a taxonomy by classifying the approaches based on monitoring aspects that primarily differentiate among the approaches. We also discuss open issues and future research directions in the area of program vulnerability exploitation monitoring. The study will enable practitioners and researchers to differentiate among existing monitoring approaches. It will provide a guideline to consider the desired characteristics while developing monitoring approaches.