摘要
提出一个基于分析Netflow数据的异常流量监测系统。通过特征模式匹配及与正常流量基线比较,来分析和判断网络的异常情况,并通过建立安全策略库,提出安全建议,实现对异常情况的处理,达到对IP网络的有效闭环管理。
A Netflow based traffic detection system is put forward in the article. It can analyze and judge network' s anomaly traffic by matching flow' s characters and comparing actual traffic with the natural baseline, creates security rule database, and makes suggestions to deal with anomaly in order to effectually manage IP network in closed-loop.
出处
《计算机应用与软件》
CSCD
北大核心
2008年第11期154-156,共3页
Computer Applications and Software