| 基于FARIMA的ARP欺骗入侵检测 |
| |
| 引用本文: | 李启南. 基于FARIMA的ARP欺骗入侵检测[J]. 计算机工程, 2011, 37(2): 139-140. DOI: 10.3969/j.issn.1000-3428.2011.02.047 |
| |
| 作者姓名: | 李启南 |
| |
| 作者单位: | 兰州交通大学电子与信息工程学院,兰州,730070 |
| |
| 基金项目: | 兰州市企业技术攻关计划基金资助项目(2009-1-4) |
| |
| 摘 要: | 针对ARP网络流量具有自相似性,ARP欺骗会导致ARP网络流量局部突发的特征,在进行理论分析的基础上,提出一种ARP欺骗入侵检测方法。采用适合描述自相似性的FARIMA准确预测ARP网络流量,在线实时计算每个周期实测值和预测值的差值,比较差值变化率快速准确实现ARP欺骗入侵检测。运行结果证明FARIMA具有先进性,该方法可有效提高ARP欺骗实时入侵检测的检测率,实现追踪ARP欺骗攻击源主机。
|
| 关 键 词: | ARP欺骗 分形自回归滑动平均混合模型 入侵检测 网络安全 自相似 |
ARP Spoofing Intrusion Detection Based on FARIMA |
| |
| LI Qi-nan. ARP Spoofing Intrusion Detection Based on FARIMA[J]. Computer Engineering, 2011, 37(2): 139-140. DOI: 10.3969/j.issn.1000-3428.2011.02.047 |
| |
| Authors: | LI Qi-nan |
| |
| Affiliation: | LI Qi-nan(School of Electrical & Information Engineering,Lanzhou Jiaotong University,Lanzhou 730070,China) |
| |
| Abstract: | Aiming at the character that ARP network traffic has self-similar behavior,ARP spoofing leads ARP network traffic local burst,an ARP spoofing intrusion detection method is proposed after the theory is analyzed.The method uses Fractional Autoregressive Moving Average model(FARIMA) to forecast ARP network traffic,real-time calculates error value in every circle online between the real value and forecast value,detects the ARP spoofing by the error value.FARIMA can represent well self-similar behavior.Running r... |
| |
| Keywords: | ARP spoofing Fractional Autoregressive Moving Average model(FARIMA) intrusion detection net security self-similar |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载免费的PDF全文 |
