| 一种混合的网络蠕虫检测方法 |
| |
| 引用本文: | 周翰逊,郭薇,王妍,王龙,贾大宇.一种混合的网络蠕虫检测方法[J].小型微型计算机系统,2011,32(5). |
| |
| 作者姓名: | 周翰逊 郭薇 王妍 王龙 贾大宇 |
| |
| 作者单位: | 1. 辽宁大学,信息科学与技术学院,辽宁,沈阳,110036
2. 东北大学,信息科学与工程学院,辽宁,沈阳,110004 |
| |
| 基金项目: | 国家自然科学基金项目(60873068)资助; 辽宁省自然科学基金项目(20102083)资助; 辽宁省教育厅高等学校科研计划项目(20060349)资助; 中国博士后科学基金面上项目(20100471474)资助; 辽宁大学“211工程”三期《极端计算技术》子项目资助; 辽宁大学青年科研基金项目(2009LDQN39)资助 |
| |
| 摘 要: | 提出一种综合采用网络蠕虫行为检测和网络蠕虫反馈检测的混合蠕虫检测方法.在网络蠕虫行为检测方面,将一个局域网作为一个访问模型对于蠕虫进行检测.在网络反馈蠕虫检测方面,利用网络对于蠕虫攻击反馈的信息作为网络反馈检测方法的特征.然后,通过CUSUM(Cumu lative Sum)算法将以上两种检测方法综合考虑来提高网络蠕虫检测的准确性.实验结果表明本文提出的方法可以准确高效地检测网络蠕虫.
|
| 关 键 词: | 网络安全 蠕虫 蠕虫行为检测 网络反馈的蠕虫检测 CUSUM算法 |
Hybrid Worm Detection Approach |
| |
| ZHOU Han-xun,GUO Wei,WANG Yan,WANG Long,JIA Da-yu.Hybrid Worm Detection Approach[J].Mini-micro Systems,2011,32(5). |
| |
| Authors: | ZHOU Han-xun GUO Wei WANG Yan WANG Long JIA Da-yu |
| |
| Affiliation: | ZHOU Han-xun1,GUO Wei2,WANG Yan1,WANG Long1,JIA Da-yu1 1(School of Information Science and Technology,Liaoning University,Shenyang 110036,China)2(School of Information Science and Engineering,Northeastern University,Shenyang 110004,China) |
| |
| Abstract: | A hybrid worm detection approach which utilizes worm behavior and network feedback detection is presented.As for worm behavior detection,the local network is considered as an access model to detect worms.As for network feedback detection of worm,the feedback information which is generated by network is considered as the features of detection.Then CUSUM(Cumulative Sum) algorithm is utilized to improve the accuracy of worm detection by comprehensive consideration of the detection approaches above.The experime... |
| |
| Keywords: | network security worm worm behavior detection network feedback detection of worm cumulative sum algorithm |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
