| 基于网络流量的实时入侵检测 |
| |
| 引用本文: | 李眩.基于网络流量的实时入侵检测[J].信息安全与通信保密,2010(7):63-65. |
| |
| 作者姓名: | 李眩 |
| |
| 作者单位: | 安徽铜陵职业技术学院管理系,安徽,铜陵,244000 |
| |
| 摘 要: | 实时异常检测是目前网络安全的研究热点,基于大规模网络流量的统计特征,提出了一个基于统计的流量异常检测模型。根据网络流量的测度集,描绘了一个正常网络流量的基线。参照该正常流量基线,使用假设检验理论进行异常检测。采用一个基于滑动窗口的流量更新策略和感应阈控制模型,使异常检测能够更加高效。
|
| 关 键 词: | 检测 感应阈 滑动窗口 网络流量 |
Real-time Intrusion Detection System Based on Network Traffic |
| |
| LI Xuan.Real-time Intrusion Detection System Based on Network Traffic[J].China Information Security,2010(7):63-65. |
| |
| Authors: | LI Xuan |
| |
| Affiliation: | LI Xuan (Management Dept.,Tongling College of Professional Technologies,Tongling Anhui 244000,China) |
| |
| Abstract: | Real-time anomaly detection is a focus of network security research in recent years. Based on statistical characters of traffic in a large-scale network,this paper proposes a traffic anomaly detection model based on statistics. According to the measurable aggregate of network traffic,a normal traffic baseline is established. In the light of the normal network baseline,the theory of hypothesis test is used to carry out the anomaly detection. In order to make the anomaly detection more efficient,the traffic update policy based on glide window and the sense valve technology are adopted in the model. |
| |
| Keywords: | anomaly detection the sense valve glide window network traffic |
| 本文献已被 维普 万方数据 等数据库收录! |
|
