| 基于Netflow的异常流量分离以及归类 |
| |
| 引用本文: | 许晓东,卞鹏,朱士瑞. 基于Netflow的异常流量分离以及归类[J]. 计算机工程与设计, 2009, 30(21) |
| |
| 作者姓名: | 许晓东 卞鹏 朱士瑞 |
| |
| 作者单位: | 南京理工大学,计算机科学与技术学院,江苏,南京,210094;江苏大学,网络中心,江苏,镇江,212013;江苏大学,网络中心,江苏,镇江,212013 |
| |
| 基金项目: | 江苏省教育厅高校科学研究基金项目 |
| |
| 摘 要: | 针对以往的各种异常流量检测算法只能在宏观上进行流量异常监测,不能进一步实时地将异常流量分离处理,提出了在Netflow流数据环境下对单体IP历史数据的研究的方法,通过对单体IP统计、预测,能快速的检测出导致网络异常流量的主机,并根据其流的类型判断,分类以发现其发生异常的原因并提供ACL策略,从而将网络流量控制在稳定的空间和时间之内,实验结果表明了此方法的可行性和有效性.
|
| 关 键 词: | 流量检测 网络流量 异常流量 指数平滑预测 流量特征 |
Anomaly traffic extraction and classification based on Netflow |
| |
| XU Xiao-dong,BIAN Peng,ZHU Shi-mi. Anomaly traffic extraction and classification based on Netflow[J]. Computer Engineering and Design, 2009, 30(21) |
| |
| Authors: | XU Xiao-dong BIAN Peng ZHU Shi-mi |
| |
| Abstract: | The previous network traffic anomaly analysis can detect the abnormal traffic in Macro. But they can not extract the abnormal and treat it A method is presented to detect the host who cause the abnormal traffic by statistic the single IP history data and prodict under netflow environment to judge the main reason and supply ACL strategy, and control the network traffic Stability in space and time. The experiment shows that this method is possible and efficiency. |
| |
| Keywords: | traffic detection network traffic abnormal traffic exponential smoothing traffic features |
| 本文献已被 万方数据 等数据库收录! |
|
