| FB-NBAS:一种基于流的网络行为分析模型 |
| |
| 引用本文: | 李军,曹文君,李杨. FB-NBAS:一种基于流的网络行为分析模型[J]. 计算机工程, 2008, 34(3): 165-167 |
| |
| 作者姓名: | 李军 曹文君 李杨 |
| |
| 作者单位: | 复旦大学软件学院,上海,200433 |
| |
| 摘 要: | 传统的入侵检测系统通常需要对攻击预先了解,在流量分析和异常检测方面存在不足。该文提出一种新的基于流的统计分析模型,通过构建网络的行为特征库,实时监测和发现网络异常,基于该分析技术设计和实现了一个网络监控系统原型。该原型可以监测和发现网络中可疑代码,并进行实时跟踪。
|
| 关 键 词: | 网络监控 网络行为 行为分析 |
| 文章编号: | 1000-3428(2008)03-0165-03 |
| 收稿时间: | 2007-02-20 |
| 修稿时间: | 2007-02-20 |
FB-NBAS: A Flow-based Network Behavior Analysis Model |
| |
| LI Jun,CAO Wen-jun,LI Yang. FB-NBAS: A Flow-based Network Behavior Analysis Model[J]. Computer Engineering, 2008, 34(3): 165-167 |
| |
| Authors: | LI Jun CAO Wen-jun LI Yang |
| |
| Affiliation: | (School of Software, Fudan University, Shanghai 200433) |
| |
| Abstract: | Traditional Intrusion Detection Systems(IDSs) requires prior knowledge of attacks, loses effectiveness in flow analysis and abnormity detection. This paper proposes a new flow-based network behavior analysis model, which monitors and detects abnormity of network by building up a network behavior features base for each host. Based on this technology, a network monitor prototype system is designed and implemented. The system can detect malicious codes and track them in real time. |
| |
| Keywords: | network monitor network behavior behavior analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载免费的PDF全文 |
