| 基于数据流模型的NetFlow流数据安全检测分析系统 |
| |
| 引用本文: | 梁峰,谭建龙,刘任任,张志斌.基于数据流模型的NetFlow流数据安全检测分析系统[J].信息网络安全,2009(4):69-71. |
| |
| 作者姓名: | 梁峰 谭建龙 刘任任 张志斌 |
| |
| 作者单位: | 1. 中国科学院计算技术研究所,北京,100190
2. 湘潭大学信息工程学院,湖南湘潭,411105 |
| |
| 摘 要: | 本文设计了一个基于数据流模型的Netflow流数据安全监测分析系统,其应用背景是在骨干网络路由器上的大规模数据流处理。基于对Netflow原始流信息中的源/目的IP地址、源/目的端口、TCP/UDP/ICMP协议等进行SUM、CONUT、Top-K三种聚集计算,对骨干网络中的流数据根据相关需求进行监测骨干网络中的网络安全事件,进一步对未知蠕虫病毒具有检测和预警的功能。SUM、COUNT、Top-K三个底层通用算法基于数据流模型,体现出了它的实时性、持续性及其高性能。
|
| 关 键 词: | 数据流 netflow SUM COUNT Top-k 蠕虫病毒检测 |
Netflow Data Statistic System based on Data Stream Model |
| |
| LIANG Feng,TAN Jian-long,LIU Ren-ren,ZHANG Zhi-bin.Netflow Data Statistic System based on Data Stream Model[J].Netinfo Security,2009(4):69-71. |
| |
| Authors: | LIANG Feng TAN Jian-long LIU Ren-ren ZHANG Zhi-bin |
| |
| Affiliation: | LIANG Feng, TAN Jian-long, LIU Ren-ren, ZHANG Zhi-bin(1. Institute of Computing Technology, Chinese Academy of Sciences, Beijing, 100190, China 2. College of Information Engineering, Xiangtan University, Xiangtan Hunan, 411105, China) |
| |
| Abstract: | In this paper, we design a Netflow data security monitoring analysis system which is applied to core router's large-scale data stream.The system is based on data stream model and able to perform three kinds of aggregation computation, SUM, COUNT and Top-K; Which monitor core router's network security event by related data stream, and make the system suitable for unknown worm virus detection and early warning. The aggregation computation algorithm is based on data stream model, and thus, has the characteristic of real-time, persistent and high performance. |
| |
| Keywords: | netflow SUM COUNT Top-k |
| 本文献已被 维普 万方数据 等数据库收录! |
|
