摘要
本文提出构建基于网络协议的异常流量识别模型,结合网络协议分析、网络入侵检测技术等对网络数据层进行解析,通过对频繁IP地址进行聚集发现网络中的异常流量IP地址集合,统计出异常数据包。通过DDOS攻击实验结果分析得出,该模型具有较高的识别能力,并且在处理效率和计算强度方面都有很好的表现。
This paper presents the abnormal traffic identification model based on network protocol; analyzes the network data layer combining with network protocol analysis and network intrusion detection technology; discovers the abnormal traffic IP address set through frequent IP address clustering, and counts the amount of abnormal data packets. With the simulation test of DDOS attack, it is proved that the model has high recognition ability and has good performance in terms of efficiency and calculation.
出处
《电脑与电信》
2017年第12期56-58,共3页
Computer & Telecommunication
关键词
网络协议分析
异常流量识别
入侵检测技术
网络攻击
network protocol analysis
abnormal traffic identification
intrusion detection technology
network attack
