| 基于Hurst参数评估的网络异常检测方法的研究 |
| |
| 引用本文: | 毛蓝,刘渊,马书南.基于Hurst参数评估的网络异常检测方法的研究[J].计算机工程与设计,2007,28(8):1785-1787. |
| |
| 作者姓名: | 毛蓝 刘渊 马书南 |
| |
| 作者单位: | 江南大学,信息工程学院,江苏,无锡,214122 |
| |
| 摘 要: | 真实的网络流量普遍存在统计上的自相似性,因此传统的基于泊松过程和马尔科夫模型等已不能反映实际测量的流量.针对传统检测方法存在的问题,将基于Hurst参数评估应用到DoS攻击检测中,由H参数变化来检测DoS攻击.通过分析DARPA 1998入侵检测数据表明,基于该法的Hurst参数评估能够检测到DoS攻击,此法比传统的基于特征匹配的网络流量异常检测法在检测精度上有较大提高.
|
| 关 键 词: | 网络流量 异常检测 自相似性 Hurst参数 拒绝服务攻击 参数评估 网络异常 检测方法 研究 parameter estimation based detection abnormal network method of 检测精度 检测法 流量异常 特征匹配 数据表 入侵检测 DARPA 分析 变化 攻击检测 |
| 文章编号: | 1000-7024(2007)08-1785-03 |
| 修稿时间: | 2006-05-22 |
Research on method of network abnormal detection based on Hurst parameter estimation |
| |
| MAO Lan,LIU Yuan,MA Shu-nan.Research on method of network abnormal detection based on Hurst parameter estimation[J].Computer Engineering and Design,2007,28(8):1785-1787. |
| |
| Authors: | MAO Lan LIU Yuan MA Shu-nan |
| |
| Affiliation: | College of Information Engineering, Southern Yangtze University, Wuxi 214122, China |
| |
| Abstract: | Most researches regard the real traffic has self-similarity,so traditional model based possion or Markov can't adapt to the real traffic.In order to resolve these problems,the estimation is used based on Hurst parameter to detect DoS attack,researching on the affect of Hurst parameter change brought by DoS attack.By analyzing the 1998 DARPA intrusion detection evaluation dataset show that this method detect DoS attack,and is more reliable on the recognition of all kinds of DoS attack than any other method based on measure precision. |
| |
| Keywords: | network traffic abnormal detection self-similarity Hurst parameter denial of service attack |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
