| 一种新的可变采样率的网络流量抽样测量方法 |
| |
| 引用本文: | 潘乔,裴昌幸. 一种新的可变采样率的网络流量抽样测量方法[J]. 西安电子科技大学学报(自然科学版), 2008, 35(6): 968-972 |
| |
| 作者姓名: | 潘乔 裴昌幸 |
| |
| 作者单位: | (1. 西安电子科技大学 综合业务网理论及关键技术国家重点实验室,陕西 西安 710071;2. 东华大学 计算机科学与技术学院, 上海 210051) |
| |
| 基金项目: | 国家自然科学基金 |
| |
| 摘 要: | 随机报文抽样方法是目前常用的流量抽样测量方法,但是它倾向于采集长流,影响了异常检测的正确性.提出了一种新的基于IP流可变采样率的网络流量抽样测量方法,将到达的数据报文按照流标识分类,并以每一个报文在所属流中的位置和流的大小为参数设置可变采样率进行抽样测量.实验表明,该方法提高了短流中报文的采样率,减少了随机报文抽样方法对异常检测的影响,检测结果能正确地反映原始数据的异常情况.
|
| 关 键 词: | 抽样测量 可变采样率抽样 IP流 端口扫描 |
| 收稿时间: | 2008-01-02 |
IP flow-based variable sampling method for network traffic measurement |
| |
| PAN Qiao,,PEI Chang-xing. IP flow-based variable sampling method for network traffic measurement[J]. Journal of Xidian University, 2008, 35(6): 968-972 |
| |
| Authors: | PAN Qiao PEI Chang-xing |
| |
| Affiliation: | (1. State Key Lab. of Integrated Service Networks, Xidian Univ., Xi’an 710071, China;2. School of Computer Science and Technology, Donghua Univ., Shanghai 210051, China) ; |
| |
| Abstract: | The random packet sampling method is usually employed by traffic sampling measurement.But the accuracy of anomaly detection is affected by the fact that it biases a large IP flow.Based on the IP flow arrival process,a variable sampling method is proposed.According to the attribute of the IP flow,the incoming packets are classified by their flow identifiers and sampling rates are set by their positions in the IP flow.Experimental results show that sampled traffic data improve the accuracy of anomaly detectio... |
| |
| Keywords: | sampling measurement variable sampling IP flow port scan |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《西安电子科技大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《西安电子科技大学学报(自然科学版)》下载全文 |
