期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

FB-NBAS:一种基于流的网络行为分析模型 被引量:5

FB-NBAS: A Flow-based Network Behavior Analysis Model
在线阅读 下载PDF
导出
摘要 传统的入侵检测系统通常需要对攻击预先了解,在流量分析和异常检测方面存在不足。该文提出一种新的基于流的统计分析模型,通过构建网络的行为特征库,实时监测和发现网络异常,基于该分析技术设计和实现了一个网络监控系统原型。该原型可以监测和发现网络中可疑代码,并进行实时跟踪。 Traditional Intrusion Detection Systems(IDSs) requires prior knowledge of attacks, loses effectiveness in flow analysis and abnormity detection. This paper proposes a new flow-based network behavior analysis model, which monitors and detects abnormity of network by building up a network behavior features base for each host. Based on this technology, a network monitor prototype system is designed and implemented. The system can detect malicious codes and track them in real time.
作者 李军 曹文君 李杨
机构地区 复旦大学软件学院
出处 《计算机工程》 CAS CSCD 北大核心 2008年第3期165-167,共3页 Computer Engineering
关键词 网络监控 网络行为 行为分析 network monitor network behavior behavior analysis
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献5

  • 1Juan M E, Pedro G, Jesus E D. Anomaly Detection Methods in Wired Networks: A Survey and Taxonomy[J]. Computer Communications. 2004, 27(16): 1569-1584.
  • 2郑军,胡铭曾,云晓春,郑仲.基于数据流方法的大规模网络异常发现[J].通信学报,2006,27(2):1-8. 被引量:17
  • 3Networks M. Paper W. Network Behavior Analysis(NBA) Systems: Ensuring Application Availability Through Enterprise-wide Visibility[EB/OL]. (2006-09-10). http://www.lancope.com/resource/.
  • 4Behrauz A. Sophia E TCP/IP Protocol Suite[M]. 2nd ed. [S. l.]: McGrow-hill, 2003.
  • 5Tanenbaum A S. Computer Networks[M]. 4th ed. 北京:清华大学出版社,2004.

二级参考文献11

  • 1JUAN M E,PEDRO G,JESUS E D.Anomaly detection methods in wired networks:a survey and taxonomy[J].Computer Communications,2004,27(16):1569-1584.
  • 2YE N,SEAN V,CHEN Q.Computer intrusion detection through EWMA for autocorrelated and uncorrelated data[J].IEEE Transactions on Reliability,2003,52(1):75-82.
  • 3WANG H,ZHANG D,KANG S.Detecting SYN flooding attacks[A].Proceedings of the IEEE Infocom[C].New York,2002.123-132.
  • 4JIN C,WILLIAM S C,DONG L.The effect of statistical multiplexing on the long-range dependence of Internet packet traffic[EB/OL].http://cm.bell-labs.com/stat/doc/multiplex.pdf,2001.
  • 5HUANG P,FELDMANN A,WILLINGER W.A non-intrusive,wavelet-based approach to detecting network performance problems[A].Proceedings of ACM SIGCOMM Internet Measurement Workshop 2001[C].San Francisco Bay Area,2001.
  • 6BARFORD P,KLINE J,PLONKA D.A signal analysis of network traffic anomalies[A].Proceedings of ACM SIGCOMM Intemet Measurement Workshop[C].Marseilles,France,2002.71-82.
  • 7ALARCON V,BARRIA J A.Anomaly detection in communication networks using wavelets[J].IEE Proceedings Communications,2001,148(6):62-355.
  • 8BABCOCK B,BABU S,DATAR M,MOTWANI R,WIDOM J.Models and issues in data streams[A].Proceedings of the 21st ACM SIGACT-SIGMOD-SIGART on Principles of Database Systems[C].Madison:ACM Press,2002.1-16.
  • 9MANKU G S,MOTWANI R.Approximate frequency counts over data streams[A].Proceedings of the 28th International Conference on Very Large Data Bases[C].Hong Kong,China,2002.346-357.
  • 10SCHWELLER R,GUPTA A,PARSONS E.Reversible sketches for efficient and accurate change detection over network data streams[A].Proceedings of the ACM SIGCOMM Internet Measurement Conference (IMC '04)[C].Sicily,Italy,2004.207-212.

共引文献16

同被引文献50

引证文献5

二级引证文献102

计算机工程
2008年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部