位置:成果数据库 > 期刊 > 期刊详情页
DNSSEC域名解析的形式化描述及量化分析研究
  • ISSN号:1000-1239
  • 期刊名称:《计算机研究与发展》
  • 时间:0
  • 分类:TP393.08[自动化与计算机技术—计算机应用技术;自动化与计算机技术—计算机科学与技术] U491.13[交通运输工程—交通运输规划与管理;交通运输工程—道路与铁道工程]
  • 作者机构:[1]Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190, P. R. China, [2]Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100195, P. R. China, [3]University of Chinese-Academy of Science, Beijing 100190,P. R. China
  • 相关基金:Supported by the National Natural Science Foundation of China ( No. 61070185, 61003261 ) and the Knowledge Innovation Program of the Chi- nese Academy of Sciences (No. XDA06030200).
作者: 王勇[1,2,3], 云晓春[1,2,3], 姚垚[1,2], 熊刚[1,2]
关键词: 网络行为分析, HTTP隧道, 入侵检测系统, 检测模型, 交通网络, 异常, 安全系统, 隧道技术, network security, anomaly detection model, hierarchical clustering, HTFP-tunnel
中文摘要:

Increasing time-spent online has amplified users’ exposure to the threat of information leakage.Although existing security systems(such as firewalls and intrusion detection systems) can satisfy most of the security requirements of network administrators,they are not suitable for detecting the activities of applying the HTTP-tunnel technique to steal users’ private information.This paper focuses on a network behavior-based method to address the limitations of the existing protection systems.At first,it analyzes the normal network behavior pattern over HTTP traffic and select four features.Then,it presents an anomaly-based detection model that applies a hierarchical clustering technique and a scoring mechanism.It also uses real-world data to validate that the selected features are useful.The experiments have demonstrated that the model could achieve over 93%hit-rate with only about 3%falsepositive rate.It is regarded confidently that the approach is a complementary technique to the existing security systems.

英文摘要:

Increasing time-spent online has amplified users' exposure to tile tilreat oI miormanon leakage. Although existing security systems (such as firewalls and intrusion detection systems) can satisfy most of the security requirements of network administrators, they are not suitable for detecting the activities of applying the HTTP-tunnel technique to steal users' private information. This paper focuses on a network behavior-based method to address the limitations of the existing protection systems. At first, it analyzes the normal network behavior pattern over HTI'P traffic and select four features. Then, it pres- ents an anomaly-based detection model that applies a hierarchical clustering technique and a scoring mechanism. It also uses real-world data to validate that the selected features are useful. The experiments have demonstrated that the model could achieve over 93% hit-rate with only about 3% false- positive rate. It is regarded confidently that the approach is a complementary technique to the existing security systems.

同期刊论文项目
骨干网环境下基于访问行为及其无指导学习模型的网络失窃密异常检测
期刊论文 10
基于风险传播及其推测模型的网络脆弱性动态评估研究
期刊论文 24 会议论文 4 获奖 2 专利 2
同项目期刊论文
随机伪造源地址分布式拒绝服务攻击过滤
基于时延的Flash Crowd控制模型
基于负载均衡的高吞吐量IPsec VPN系统
基于通信特征和D-S证据理论分析僵尸网络相似度
网络运行安全指数多维属性分类模型
DDoS攻击检测和控制方法
基于环境属性的网络威胁态势量化评估方法
僵尸网络关系云模型分析算法
一种基于分层聚类方法的木马通信行为检测模型
求解网络风险传播问题的近似算法及其性能分析
利用C-F模型识别僵尸网络迁移
高速网络监控中大流量对象的识别
基于会话异常度模型的应用层分布式拒绝服务攻击过滤
随机伪造源地址分布式拒绝服务攻击过滤
基于时延的Flash Crowd控制模型
网络设备协同联动模型
Parallelizing weighted frequency counting in high-speed network monitoring
一种基于扩充特征集的流分类方法
AACF:基于逻辑的非单调授权与访问控制框架
多级安全中敏感标记的最优化挖掘
基于通信特征和D-S证据理论分析僵尸网络相似度
网络运行安全指数多维属性分类模型
僵尸网络关系云模型分析算法
CVSS环境评分值的分布特点研究
基于命名及解析行为特征的异常域名检测方法
一种基于带承诺加密电路的移动代码保护协议
随机伪造源地址DDoS攻击下的合法地址识别方法
一种基于TCM主动学习的P2P流识别技术
期刊信息
  • 《计算机研究与发展》
  • 中国科技核心期刊
  • 主管单位:中国科学院
  • 主办单位:中国科学院计算技术研究所
  • 主编:徐志伟
  • 地址:北京市科学院南路6号中科院计算所
  • 邮编:100190
  • 邮箱:crad@ict.ac.cn
  • 电话:010-62620696 62600350
  • 国际标准刊号:ISSN:1000-1239
  • 国内统一刊号:ISSN:11-1777/TP
  • 邮发代号:2-654
  • 获奖情况:
  • 2001-2007百种中国杰出学术期刊,2008中国精品科...,中国期刊方阵“双效”期刊
  • 国内外数据库收录:
  • 俄罗斯文摘杂志,荷兰文摘与引文数据库,美国工程索引,日本日本科学技术振兴机构数据库,中国中国科技核心期刊,中国北大核心期刊(2004版),中国北大核心期刊(2008版),中国北大核心期刊(2011版),中国北大核心期刊(2014版),中国北大核心期刊(2000版)
  • 被引量:40349