|
|||||
|
|
| 企业IT网络异常流量综合检测模型 | |
| 引用本文: | 邱雪松,陈坚,郭海生,高志鹏.企业IT网络异常流量综合检测模型[J].北京邮电大学学报,2009,32(6):28-31. |
| 作者姓名: | 邱雪松 陈坚 郭海生 高志鹏 |
| 作者单位: | 1. 北京邮电大学,网络与交换技术国家重点实验室,北京,100876 2. 中兴通讯技术股份有限公司,网管产品部,南京,210012 |
| 基金项目: | 国家重点基础研究发展计划项目,国家高技术研究发展计划项目,国家自然科学基金创新研究群体项目,国家自然科学基金面上项目 |
| 摘 要: | 结合企业内部信息技术网络特点,提出了用时间窗比较进行网络异常流量检测的新算 法. 将新算法同已有的静态、动态检测算法相结合,提出了网络异常流量综合检测模型. 该 模型可通过不同方法和角度进行比较,以发现网络中是否存在异常流量. 通过实际实现和 测试验证了模型的有效性. |
| 关 键 词: | 网络异常 异常检测 网络管理 |
| 收稿时间: | 2009-03-22 |
Anomaly Traffic Integrated Detection Model for Enterprise IT Network |
|
| QIU Xue-song,CHEN Jian,GUO Hai-sheng,GAO Zhi-peng.Anomaly Traffic Integrated Detection Model for Enterprise IT Network[J].Journal of Beijing University of Posts and Telecommunications,2009,32(6):28-31. | |
| Authors: | QIU Xue-song CHEN Jian GUO Hai-sheng GAO Zhi-peng |
| Affiliation: | QIU Xue-song1,CHEN Jian2,GUO Hai-sheng2,GAO Zhi-peng1 (1.State Key Laboratory of Networking , Switching Technology,Beijing University of Posts , Telecommunications,Beijing 100876,China,2.Network Management Product Department,Zhongxing Telecommunication Equipment Limited,Nanjing 210012,China) |
| Abstract: | A new algorithm of the network anomaly traffic detection by using time windows comparing method is proposed based on the feature of enterprise information technology (IT) network traffic. Then, combining the new algorithm, the present static detection algorithm and the dynamic detection algorithm, the integrated detection model of network anomaly traffic is proposed. The model can check the network anomaly traffic by comparison methods by different ways and from different views. Finally, the availability of model is validated by implementation and testing of model in real environment. |
| Keywords: | network anomaly traffic anomaly detection network management |
| 本文献已被 CNKI 万方数据 等数据库收录! | |
| 点击此处可从《北京邮电大学学报》浏览原始摘要信息 | |
| 点击此处可从《北京邮电大学学报》下载全文 | |