| 网络窃密木马的自适应检测模型研究 |
| |
| 引用本文: | 张晓晨,刘胜利,刘 龙.网络窃密木马的自适应检测模型研究[J].计算机应用研究,2013,30(11):3434-3437. |
| |
| 作者姓名: | 张晓晨 刘胜利 刘 龙 |
| |
| 作者单位: | 解放军信息工程大学数学工程与先进计算国家重点实验室, 郑州 450002 |
| |
| 基金项目: | 郑州市科技创新团队资助项目 (10CXTD150) |
| |
| 摘 要: | 以窃密木马的网络通信行为为研究对象, 旨在建立具备自适应动态反馈学习能力的窃密木马检测系统。为实现具备自适应反馈能力的窃密木马检测系统, 研究了网络数据流及窃密木马通信数据流的特征, 引入基于增量学习的支持向量机分类算法, 提出了增量学习样本的构建方法, 建立动态反馈木马检测模型, 设计并实现了具备自适应能力的窃密木马检测系统。真实网络环境下的实验结果验证了系统的有效性和高效性。当网络环境发生变化时, 系统体现了良好的适应性。
|
| 关 键 词: | 木马 通信行为 支持向量机 增量学习 主动探测 |
Research on adaptive network theft Trojan detection model |
| |
| ZHANG Xiao-chen,LIU Sheng-li,LIU Long.Research on adaptive network theft Trojan detection model[J].Application Research of Computers,2013,30(11):3434-3437. |
| |
| Authors: | ZHANG Xiao-chen LIU Sheng-li LIU Long |
| |
| Affiliation: | State Key Laboratory of Mathematical Engineering & Advanced Computing, PLA Information Engineering University, Zhengzhou 450002, China |
| |
| Abstract: | This paper intended to establish theft Trojans detection system capable of adaptive dynamic feedback learning. To achieve this goal, it first studied the characteristics of the network data stream and theft Trojans communication data stream. Then it introduced support vector machine algorithm based on incremental learning, and proposed the construction method of incremental learning samples, designed and implemented the theft Trojan detection system with self-adaptive capability. Finally, the experimental results in a real network environment verify the effectiveness and efficiency of the system. |
| |
| Keywords: | Trojan communication behavior SVM incremental learning active probing |
|
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
