基于流量分析网络入侵模式特征对比技术研究

发布时间：2018-05-16 05:37

本文选题：特征对比 + 特征参数　；参考：《计算机仿真》2016年04期

【摘要】：针对在网络入侵模式特征对比技术研究过程中,由于网络入侵形式呈现多样性和随机性,使得入侵网络模式特征过多时,特征模式匹配计算就过于繁琐,导致特征对比检测率低的问题。提出基于流量分析算法的网络入侵模式特征对比方法。先融合SOM神经网络建立网络入侵模式特征评价模型,再统计网络入侵检测中多个最优解的入侵模式特征出现的频率,利用频率筛选过程去除被选频率低于某一频率阈值的入侵模式特征,筛选出的每个网络入侵模式特征基参数进行差异补偿,将各个网络入侵模式特征基进行标准化融合处理,得到对于不同的攻击类型改进算法相比其它算法的检测率平均提高了15.4%。实验结果表明,基于流量分析的网络入侵模式特征对比方法大幅度的提升了网络入侵检测的效率。
[Abstract]:In the study of network intrusion pattern feature contrast technology, because of the diversity and randomness of network intrusion, the feature pattern matching calculation is too cumbersome when the characteristics of intrusion network patterns are too many, which leads to the low detection rate of feature contrast. Firstly, the SOM neural network is used to establish the characteristic evaluation model of network intrusion mode, and then the frequency of the intrusion mode features of multiple optimal solutions in network intrusion detection is counted, and the frequency selection process is used to remove the characteristics of the intrusion mode that the frequency selection rate is lower than a certain frequency threshold, and the characteristic base parameters of each network intrusion mode are selected. Difference compensation, the feature base of each network intrusion mode is normalized, and the average detection rate of the different attack type improvement algorithms is improved compared with the other algorithms, the results of 15.4%. experiment show that the network intrusion mode feature contrast method based on traffic analysis greatly improves the efficiency of network intrusion detection.

【作者单位】： 92941部队96分队;
【分类号】：TP393.08

【相似文献】