| 基于EBP的宏观网络流量异常行为检测 |
| |
| 引用本文: | 朱士瑞,耿春梅,许晓东.基于EBP的宏观网络流量异常行为检测[J].计算机工程,2009,35(13):131-133. |
| |
| 作者姓名: | 朱士瑞 耿春梅 许晓东 |
| |
| 作者单位: | 1. 江苏大学网络中心,镇江,212013
2. 江苏大学网络中心,镇江,212013;南京理工大学计算机科学与技术学院,南京,210094 |
| |
| 基金项目: | 江苏省教育厅高校科学研究基金资助项目 |
| |
| 摘 要: | 针对以往Hurst指数估算方法在求解精度和实时性上的不足,提出将EBP引入到网络流量白相似特性分析中,对比实验表明EBP对Hurst指数的估算更精确、实时性更高。利用EBP的这一优势将其运用到宏观网络行为的在线实时分析和异常行为的检测中,对林肯实验室宏观网络行为数据的分析表明,正常行为和异常行为的Hurst分布曲线差异明显。与传统匹配方法相比,基于EBP的异常行为检测方法检测效率更高。
|
| 关 键 词: | 异常行为检测 宏观网络流量 自相似性 EBP方法 |
| 修稿时间: | |
Anomaly Behavior Detection Method of Macro Network Traffic Based on EBP |
| |
| ZHU Shi-rui,GENG Chun-mei,XU Xiao-dong.Anomaly Behavior Detection Method of Macro Network Traffic Based on EBP[J].Computer Engineering,2009,35(13):131-133. |
| |
| Authors: | ZHU Shi-rui GENG Chun-mei XU Xiao-dong |
| |
| Affiliation: | 1.Network Center;Jiangsu University;Zhenjiang 212013;2.School of Computer Science and Technology;Nanjing University of Science and Technology;Nanjing 210094 |
| |
| Abstract: | Because the previous estimation methods lack of accuracy and real-time performance in solving the Hurst index, EBP is introduced to the analysis of network traffic self-similarity.The contrast experiments show that EBP is more accurate and has higher real-time performance than other methods in the Hurst index estimation.Taking these advantages of EBP, it is applied to online, real-time analysis of the macro network and the anomaly behavior detection.The analysis on macro network behavior data of Lincoln lab... |
| |
| Keywords: | anomaly behavior detection macro network traffic self-similarity EBP method |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
