首页 | 本学科首页   官方微博 | 高级检索  
     

基于sFlow技术的园区网蠕虫病毒侦测系统
引用本文:李彭军,张海,郭文明. 基于sFlow技术的园区网蠕虫病毒侦测系统[J]. 计算机工程与设计, 2007, 28(2): 346-348
作者姓名:李彭军  张海  郭文明
作者单位:南方医科大学,网络中心,广东,广州,510515;南方医科大学,网络中心,广东,广州,510515;南方医科大学,网络中心,广东,广州,510515
摘    要:蠕虫病毒是网络的主要威胁之一.实时流量采集和分析对于快速侦测和定位已感染蠕虫病毒的计算机具有重要意义.常见的蠕虫病毒监测方法如IDS和Sniff等,都存在难以全网监控、无法快速定位伪造IP地址的病毒源的缺点.分析了多种网络流量采集技术的优缺点,重点介绍了sFlow技术,并基于sFlow技术设计实现了一套园区网蠕虫病毒快速侦测系统.

关 键 词:sFlow  采样  蠕虫  病毒  入侵检测  侦听
文章编号:1000-7024(2007)02-0346-03
修稿时间:2005-12-31

Worm detection system for campus networks based on sFlow technology
LI Peng-jun,ZHANG Hai,GUO Wen-ming. Worm detection system for campus networks based on sFlow technology[J]. Computer Engineering and Design, 2007, 28(2): 346-348
Authors:LI Peng-jun  ZHANG Hai  GUO Wen-ming
Affiliation:Network Center, Southern Medical University, Guangzhou 510515, China
Abstract:Worm is one of the main threats of networks.It is important for us to collect and analyze network packets to find out infectedcomputers quickly.It is difficult for normal Internet worm detection technology,such as IDS and SNIFF,to monitor the whole campusnetwork or to find out the infected computers which send packets with faked source IP address.The advantages and the disadvantages ofnetwork stream collect measures,especially sFlow are discussed.A new worm detection system for campus networks based on sFlowtechnology is introduced.
Keywords:sFlow  sampling  worm  virus  IDS  sniff
本文献已被 CNKI 维普 万方数据 等数据库收录!
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号