位置:成果数据库 > 期刊 > 期刊详情页
基于尖点突变模型的IP网络异常行为检测方法
  • 期刊名称:电子科技大学学报
  • 时间:0
  • 页码:892-897
  • 语言:中文
  • 分类:TP393.08[自动化与计算机技术—计算机应用技术;自动化与计算机技术—计算机科学与技术]
  • 作者机构:[1]北京科技大学计算机与通信工程学院,北京海淀区100083, [2]电子科技大学通信与信息工程学院,成都611731
  • 相关基金:基金项目:国家973计划(2007CB310706,2012CB315905);国家自然科学基金(60725104,60873263,60932005,61172048,61100184);教育部新世纪优秀人才支持计划(NCET-09-0268);四川省青年基金(09ZQ026-032).广东省产学研项目(2010A090200053)
  • 相关项目:基于虚拟坐标的IP网络定位理论与技术研究
作者: 隆克平|胡武生|徐杰|阳小龙|张敏|
关键词: 异常检测, 尖点突变, IP网络, Kdd-Cup99数据集, anomaly detection, cusp-catastrophe, IP networks, KDD-cup 99 dataset
中文摘要:

由于数据挖掘、贝叶斯等传统异常检测方法仅依据网络正常行为特征而没考虑异常行为特征,致使其异常检测率偏低和误报率偏高,该文基于尖点突变模型而针对性地提出了一种新的IP网络异常行为描述模型及其检测机制。它们充分利用了尖点突变模型的多稳态性和突变性,准确地描述了网络正常行为特征和异常行为特征。最后以Kdd-Cup99数据集为例,对比了不同机制的异常检测性能,结果显示,与贝叶斯BN和决策树C4.5等机制相比,所提出的检测机制在检测率和误报率方面都有所优势。

英文摘要:

Some traditional anomaly detection mechanisms (such as data mining and Bayes methods) have much poorer performance in terms of detection rate and false alarm rate because they consider only the normal behavior feature of IP networks, and neglect that of the abnormal behaviors. Motivate by the situations, this paper proposed a new characterization model of abnormal behaviors, and also developed an anomaly detection mechanism based on cusp-catastrophe for IP networks. They not only make the best of the prominent features of cusp-catastrophe in terms of multiple steady states and discontinuous catastrophe, and also can describe the normal behavior features and abnormal ones. Finally under Kdd-Cup 99 datasets, the proposed mechanism is evaluated, and the evaluation result shows that its detection rate and the false detection have greatly been improved compared with BN and C4.5.

同期刊论文项目
通信网
期刊论文 52 会议论文 8 专利 13
CDN-P2P融合分发网络服务高可用性模型与关键机制研究
期刊论文 51 会议论文 6
非对称广域覆盖信息共享网络理论与技术
期刊论文 60 会议论文 24 专利 13 著作 1
基于虚拟坐标的IP网络定位理论与技术研究
期刊论文 33 会议论文 4 专利 10
面向ISP与用户协作的内容分发网络体系结构与关键技术研究
期刊论文 17 会议论文 4
同项目期刊论文
IUKF neural network modeling for FOG temperature drift
<span style="color:#0070C0;font-family:宋体;font-size:12pt;">用户兴趣感知的内容副本优化放置算法</spa
随机延迟污染对IP网络坐标系统的影响及其抑制方法研究
支持业务均衡的OBS网络分布式回退偏射路由算法
基于细胞适应机制的自组网多路径路由协议
一种基于仿生学的MANET拥塞节点自适应回避路由协议
基于内容流行度差异性的CDN-P2P融合分发网络缓存替换机制研究
用户兴趣感知的内容副本优化放置算法
可抵御节点恶意行为的锚节点型IP坐标系统
T-Vivaldi:TIV感知的IP网络坐标系统
R-Vivaldi:距离范围感知的IP网络坐标系统
基于大偏差统计模型的Http-Flood DDoS检测机制及性能分析
An Adaptive Traffic Distribution Scheme for CMT based on Lotka-Volterra Model in Multihomed Networks
HTTP-sCAN:Detecting HTTP-Flooding Attack by Modeling Multi-Features of Web Browsing Behavior from Noisy Web-Logs
自适应混合光交换
基于虚拟突发的OBS数据信道重调度算法研究
Spray and forward: Efficient routing based on the Markov location prediction model for DTNs
Link-Vertex Topology Aggregation for Multi-domain Path Computation with Hierarchical Path Computing
An Intelligent Services-aware Generalized Optical Burst Assembly Mechanism Enabling Multi-services T
Chaotic Dynamics in a Sine Square Map: High-Dimensional Case (N≥3)
A traffic grooming mechanism based on virtual burst for OBS networks
An Approach to Evaluate the Effects of Virtual Topology on In-band Crosstalk Attack Propagation in T
OBS网络中支持业务均衡的分布式回退偏射路由算法
ISM: 漂移意图可感知的IP网络生存性服务提供模型
The Layered-Graph algorithms for Static Routing and Wavelength Assignment Problem in WDM Networks
A new proportional differentiation scheme based on batch scheduling for optical burst switching netw
Improving the attack tolerance of scale-free networks by adding and hiding edges
Adaptive multi-reachability routing with load balancing for optical burst switching network
Cost Efficient Fault Tolerant Design in Mesh Optical Networks with Load Aware Method
Traffic dynamics on layered complex networks
Attack propagation of high-powered intra-channel crosstalk in transparent optical networks
Local segment-shared protection based on source egress gateway selecting for multi-domain optical me
An efficient data channel rescheduling algorithm based on virtual burst for OBS networks
业务自相似性对光突发交换调度算法影响分析
基于时滞混沌系统的带密钥Hash函数的设计与分析
基于信任关系的IP网络容错容侵机制
ISM:漂移意图可感知的IP网络生存性服务提供模型
Hybrid optical switching with self-adaption
p-RWBO: a novel low-collision and QoS-supported MAC for wireless ad hoc networks
Optical local area network emulations over Ethernet passive optical networks: A survey
An effective buffering architecture for optical packet switching networks
一种面向IP/GMPLS over WDM网络的优化综合路由算法
WDM光网络中节能的1∶1保护路由波长分配算法研究
认知无线电网络中宽频谱的信号分离算法
基于分组特性的冗余流量消除算法
基于加权二分网络的冗余流量演化模型研究
Analysis of chaotic dynamics in a two-dimensional sine square map
HTTP-SCAN: detecting HTTP-flooding attack by modeling multi-features of web browsing behavior from N
uSensing: a Universal Platform to Support Smartphones Accessing Wireless Sensor Networks
RAVS: Remote attestation of video security based on trusted platform module
基于数据包分析的流媒体多语义流行度模型. 计算机应用研究
基于节点连接度的P2P流量快速识别方法
基于张量神经网络的音频多语义分类方法
基于TPM的视频安全远程取证
File-Sharing Preference in a Peer-to-Peer Network
Popularity based network statistical analysis in peer-to-peer application
基于物理干扰模型的分布式传输调度算法
未来网络的研究进展和发展趋势
一种P2P文件共享网络流量分析模型
Network statistical analysis in peer-to-peer application
一种非对称广域覆盖的信息共享网络结构
Covariances of Linear Stochastic Differential Equations for Analyzing Computer Networks
基于时滞混沌系统的带密钥Hash函数的设计与分析
Authentication Strategy for Information Resources of Asymmetric Information Sharing Network
Tensor semantic model for an audio classification system
HTTP-SOLDIER: a HTTP-flooding attack detection scheme with the large deviation principle
基于神经网络的数字音频双重语义水印算法
A Semantic Classification Method of Digital Image Based on Cloud Model
A Novel Trusted Computing Model of Network Security Authentication
Efficient Multicast Authentication Using Proportional Grouped Tree-Chain
A Data Migration Strategy for HSM Based on Data Value
ISM:漂移意图可感知的IP网络生存性服务提供模型
Distributed adaptive filtering: a graphical evolutionary game theoretic view
A topology control algorithm based on D-region fault tolerance
随机延迟污染对IP网络坐标系统的影响及其抑制方法研究
基于数据包分析的流媒体多语义流行度模型
一种基于仿生学的MANET拥塞节点自适应回避路由协议
Chaos generator for secure transmission using a sine map and an RLC series circuit
ESTIMATION OF THE VARIANCES OF TCP/RED USING STOCHASTIC DIFFERENTIAL EQUATION
Chaotic Dynamics in a Sine Square Map: High-Dimensional Case (N ≥ 3)
可抵御节点恶意行为的锚节点型IP坐标系统
T-Vivaldi:TIV感知的IP网络坐标系统
R-Vivaldi:距离范围感知的IP网络坐标系统
基于大偏差统计模型的Http-Flood DDoS检测机制及性能分析
基于随机矩阵理论的城市人群移动行为分析
基于UCL的个性化主动信息服务实验研究
新一代广播型网络实验系统的构建与实现
基于视频解码依赖性的低延时无线视频广播纠删编码
WDM光网络中节能的1∶1保护路由波长分配算法研究
Topology Control Algorithm Using Fault-Tolerant 1-Spanner for Wireless Ad Hoc Networks
对等网络应用中的网络统计特征分析
基于资源流行度的对等网络统计特征分析
分层次的无状态单分组IP溯源技术
An Adaptive Traffic Distribution Scheme for CMT based on Lotka-Volterra Model in Multihomed Networks
Atmospheric Pressure-Aware Seamless 3-D Localization and Navigation for Mobile Internet Devices
Distributed link scheduling method with physical interference model in wireless multi-hop networks
HTTP-sCAN:Detecting HTTP-Flooding Attack by Modeling Multi-Features of Web Browsing Behavior from Noisy Web-Logs
一种基于虚拟突发的OBS网络业务疏导机制
一种支持多业务承载的广义光突发汇聚机制
一种基于马尔可夫位置预测模型的 DTN 路由算法
CPSM: 一种增强 IP网络生存性的客户端主动服务漂移模型
基于大偏差统计模型的Http-Flood DDoS攻击检测机制及性能分析
T-Vivaldi:一种TIV感知的IP网络坐标系统
R-Vivaldi:一种距离范围感知的IP网络坐标系统
基于时滞混沌系统的带密钥Hash函数的设计与分析
基于信任关系的IP网络容错容侵机制
基于连通支配集的OBS网络多粒度业务疏导机制
ISM:漂移意图可感知的IP网络生存性服务提供模型
一种支持业务均衡的OBS自适应多可达性路由机制
分层次的无状态单包IP溯源技术
随机延迟污染对IP网络坐标系统的影响及其抑制方法研究
一种基于仿生学的MANET拥塞节点自适应回避路由协议
R-Vivaldi:距离范围感知的IP网络坐标系统
基于大偏差统计模型的Http-Flood DDoS检测机制及性能分析
分层次的无状态单分组IP溯源技术
形态学和小波域杂波抑制的微弱目标检测
基于Web服务的光路封装及其提前预留管理模型
基于时空域集成判决的微小运动目标检测方法
基于小波域DCT变换的杂波抑制方法
WDM光网络双链路故障混合保护算法
一种小波域平滑滤波的杂波抑制方法
CPSM:一种增强IP网络生存性的客户端主动服务漂移模型
Efficient joint carrier frequency offset and phase noise compensation scheme for high-speed coherent
A novel rateless codes design scheme based on two-stage encoding and forward equal probability
An adaptive path selection model for WSN multipath routing inspired by metabolism behaviors
On a Mathematical Model for Low-Rate Shrew DDoS
Multi-path routing protocol based on adaptation mechanism of cell in ad hoc networks
A simple and efficient frequency offset estimation algorithm for high-speed coherent optical OFDM sy
Double-Auction-Based Optimal User Assignment for Multisource-Multirelay Cellular Networks
面向CCN的路由转发方案设计
A load balancing multi-path routing scheme based on effective voids for optical burst switching netw
A Bioinspired adaptive congestion-avoidance routing for mobile ad hoc networks
ABio-inspired OSPF Path Selection Scheme Based on An Adaptive AttractorSelection Model
RMI-DRE:A Redundancy-Maximizing Identification Scheme for Data Redundancy Elimination
Network coding-based protection strategy against multiple link failures
A survivability network model with Min{ds, dd} node-disjoint paths
Influence of stochastic delay contaminations on IP network coordinate system and contamination mitig
随机延迟污染对IP网络坐标系统的影响及其抑制方法研究
支持业务均衡的OBS网络分布式回退偏射路由算法
基于细胞适应机制的自组网多路径路由协议
一种基于仿生学的MANET拥塞节点自适应回避路由协议
基于内容流行度差异性的CDN-P2P融合分发网络缓存替换机制研究
用户兴趣感知的内容副本优化放置算法
可抵御节点恶意行为的锚节点型IP坐标系统
T-Vivaldi:TIV感知的IP网络坐标系统
R-Vivaldi:距离范围感知的IP网络坐标系统
基于大偏差统计模型的Http-Flood DDoS检测机制及性能分析
An Adaptive Traffic Distribution Scheme for CMT based on Lotka-Volterra Model in Multihomed Networks
HTTP-sCAN:Detecting HTTP-Flooding Attack by Modeling Multi-Features of Web Browsing Behavior from Noisy Web-Logs