| 校园网可信运行架构设计与实现 |
| |
| 引用本文: | 秦华,张书杰.校园网可信运行架构设计与实现[J].计算机工程,2008,34(8):270-272. |
| |
| 作者姓名: | 秦华 张书杰 |
| |
| 作者单位: | 北京工业大学计算机学院,北京,100022 |
| |
| 摘 要: | 提出对异常事件进行分析、提取、评估和响应的机制。该机制通过采集网络流并分析其行为,挖掘出异常行为网络流,利用贝叶斯模型评估其对网络可用性的威胁,根据威胁等级自动生成不依赖设备实现的策略规则,采用XML技术将策略规则转换成不同厂商设备的策略配置命令并部署到具体设备中。整个机制具有持续的网络控制能力并支持跨平台工作。
|
| 关 键 词: | 网络可信运行 异常行为提取 贝叶斯模型 策略描述 策略转换 |
| 文章编号: | 1000-3428(2008)08-0270-03 |
| 修稿时间: | 2007年5月22日 |
Design and Implementation of Trusted Campus Network Operation Architecture |
| |
| QIN Hua,ZHANG Shu-jie.Design and Implementation of Trusted Campus Network Operation Architecture[J].Computer Engineering,2008,34(8):270-272. |
| |
| Authors: | QIN Hua ZHANG Shu-jie |
| |
| Affiliation: | (College of Computer, Beijing University of Technology, Beijing 100022) |
| |
| Abstract: | This paper provides a mechanism which depends on the ability of networking devices to analyze, detect, assess and response anomaly events in network operation. By collecting network traffic and classifying according to their behavior, a method is employed to mining the anomaly traffic behavior. The threat level to the network availability is computed by Bayesian model and the corresponding policies are generated to control this anomaly traffic automatically based on the result of threat evaluation. These policies are device-independent, and will be transformed to devices-dependent policy configuration commands by using XML techniques before they are deployed to a particular device. The mechanism given in this paper has capability to control network continuously and provides support to different networking equipments from different vendors. |
| |
| Keywords: | trusted network operation anomaly behavior extraction Bayesian models policy specification policy transformation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
