期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于节点行为特征分析的网络流量分类方法 被引量:10

Internet Traffic Classification Based on Hosts Behavior Analysis
下载PDF
导出
摘要 针对基于加密分组数据的网络流量分类问题,该文提出两种基于行为特征的分析方法。结合流量矩阵和网络结构熵技术,定义了出入度熵指数等参数用于描述节点间的连接行为和数据传输特征,并利用多个周期和时间尺度下的熵指数分析不同流量特征。通过可视图建网方法将流量序列转化为连接网络,利用网络结构相关参数分析流量中蕴含的节点间交互行为的差异。实验表明不同业务流量矩阵的熵指数变化趋势差别较大,而流量序列对应连接网络的聚集系数等存在明显差异。两种方法对于不同业务流量具有较好的分类效果。 Two novel methods based on hosts' behavior analysis are proposed for encrypted packet-based Internet traffic classification. Combined with traffic matrix and network structure entropy, some new exponents for in-degree and out-degree are introduced to illustrate the characterization of connection and message transmission among the network nodes. These exponents can be used to describe traffic feature in different periods and time scale. Visibility graph is also used to convert traffic sequence to network. And the features for network structure are utilized to analyze the host behavior in the traffic sequence. The experimental results demonstrate that the variable trend of entropy exponents and network structure for different traffic have great difference. And two proposed methods can achieve effective traffic classification.
作者 叶春明 王珍 陈思 单洪
机构地区 解放军电子工程学院 中国人民解放军
出处 《电子与信息学报》 EI CSCD 北大核心 2014年第9期2158-2165,共8页 Journal of Electronics & Information Technology
关键词 计算机网络 流量分类 行为特征 网络结构熵 可视图 流量矩阵 Computer network Traffic classification Behavior characterization Network structure entropy Visibility graph Traffic matrix
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献23

  • 1Crotti M, Dusi M, Gringoli F, et al.. Traffic classification through simple statistical fingerprinting[J]. A CM SIGCOMM Computer Communication Review, 2007, 37(1): 7-16.
  • 2Kuai Xu, Zhang Zhi-li, and Bhattacharyya S. Internet traffic behavior profiling for network security monitoring[J]. IEEE/ACM Transactions on Networking, 2008, 16(6): 1241-1252.
  • 3Bernaille L, Soule A, Jeannin M I, et al.. Blind application recognition through behavioral classification [R]. RP-LIP6- 2005-02-02, Laboratory of Computer Sciences, Paris 6, Pierre & Marie Curie University, 2005.
  • 4Wright C, Monrose F, and Masson G M. HMM profiles for network traffic classification[C]. Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, Washington, DC, 2004: 9-15.
  • 5Marques Neto H T, Almeida J M, Rocha L C D, et al.. A characterization of broadband user behavior and their e-business activities[J]. ACM SIGMETRICS Performance Evaluation Review, 2004, 32(3): 3-13.
  • 6Constantinou F and Mavrommatis P. Identifying known and unknown peer-to-peer traffic[C]. The 5th IEEE International Symposium on Network Computing and Application, Cambridge, MA USA, 2006: 93-102.
  • 7Karagiannis T, Papagiannaki K, and Faloutsos M. BLINC: multilevel traffic classification in the dark[C]. ACM SIGCOMM Computer Communication Review, Philadelphia, PA, USA, 2005: 229-240.
  • 8张震,汪斌强,陈鸿昶,马海龙.互联网中基于用户连接图的流量分类机制[J].电子与信息学报,2013,35(4):958-964. 被引量:8
  • 9Gallagher B, Iliofotou M, Eliassi-Rad T, et al.. Link homophily in the application layer and its usage in traffic classification[C]. The 29th IEEE International Conference on Computer Communications, San Diego, CA USA, 2010:1 -5.
  • 10Iliofotou M, Kim H, Faloutsos M, et al.. Graption: a graph-based P2P traffic classification framework for the internet backbone[J]. Computer Networks, 2011, 55(8): 1909-1920.

二级参考文献71

  • 1刘紫千,陈常嘉.基于流量矩阵估计的路由推断算法[J].铁道学报,2005,27(6):66-70. 被引量:3
  • 2邵超,黄厚宽,赵连伟.一种更具拓扑稳定性的ISOMAP算法[J].软件学报,2007,18(4):869-877. 被引量:20
  • 3[1]Wasserman S, Faust K. Social Network Analysis: Methods and Applications [M]. Cambridge: Cambridge University Press,1994.
  • 4[2]Faloutsos M, Faloutsos P, Faloutsos C. On power-law relationships of the Internet topology[J]. Comput Commun Rev, 1999, 29: 251-262.
  • 5[3]Lawrence S, Giles C L. Searching the world wide web[J]. Science, 1998, 280: 98-100.
  • 6[4]Albert R, Jeong H, A.L.Baraba'si. Diameter of the world-wide web[J]. Nature ,1999, 401: 130-131.
  • 7[5]Barabasi A L, Reka Albert, Hawoong Jeong. Mean-field theory for scale-free random networks[J]. Physica A, 1999, 272: 173-187.
  • 8[6]Barabasi A L, Reka Albert, Hawoong Jeong. Scale-free characteristics of random networks: the topology of the world-wide web[J]. Physica A, 2000, 281:69-77.
  • 9[9]Serrano M A, Boguna M. Topology of the world trade web[J]. Physical Review E, 2003, 68: 015101-4.
  • 10阎长俊,王启家,初长庚.系统和熵[J].沈阳建筑工程学院学报,1997,13(2):213-216. 被引量:4

共引文献173

同被引文献63

引证文献10

二级引证文献45

电子与信息学报
2014年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部