A Survey of Collaborative Threat Detection in Big Data Environments
Published: 2018-08-02 16:52
[Abstract]: Malicious actors attack individuals, institutions, and countries by direct or indirect means, exposing them to varying degrees of threat. Such information takes many forms, is enormous in volume, and must be processed at high speed. Therefore, this paper first analyzes and compares five typical collaborative detection models, Esper, Hadoop, Agilis, Storm, and Spark, and describes the network environments to which each model is suited. It then analyzes the attack methods commonly used in network environments, DDoS, MITM, and APT, and indicates which models are appropriate for detecting these attacks. Finally, it presents a deployment scheme for a collaborative threat detection architecture model, which comprises two components, sending and receive-processing, and notes that the architectures of different models can be deployed according to actual needs. In particular, deployment schemes for the architecture model in peer-to-peer networks, networks of graded security domains, and hierarchically structured networks are given.
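[Author affiliation]: State Key Laboratory of Mathematical Engineering and Advanced Computing, Information Engineering University
[Funding]: National Natural Science Foundation of China (61201220, 61309018); National 973 Program (2012CB315901); Twelfth Five-Year Plan pre-research project
[Classification number]: TP393.08
Article ID: 2160073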
Article link: https://www.wllwen.com/guanlilunwen/ydhl/2160073.html