
Large scale network worm detection using automatic signature extraction

Cited by: 9
Abstract: Because worms propagate very quickly, they cause serious damage to networks, which makes automatic, rapid worm detection a necessary research topic. This paper studies a method for large-scale networks in which a traffic anomaly discovery module identifies anomalous data sets in network traffic, signatures are then extracted from them automatically, and the extracted signatures are added to the signature database of the signature-based detection module, so that unknown worms can be detected. The system can quickly discover new outbreaks and serves as the foundation for automatic worm defense.
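Source: Journal on Communications (《通信学报》), indexed in EI, CSCD and the Peking University Core Journals list; 2006, No. 6, pp. 87-93 (7 pages)
Funding: Supported by the National High Technology Research and Development Program of China ("863" Program), grant 2001AA147010B
Keywords: computer network; worm; signature detection; anomaly discovery; signature extraction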