
Computer Engineering ›› 2010, Vol. 36 ›› Issue (12): 167-169. doi: 10.3969/j.issn.1000-3428.2010.12.057

• Security Technology •

Backbone Network Attack Detection Algorithm Based on Behavior Pattern Mining

WANG Hong-bing

  1. (National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029)
  • Online: 2010-06-20 Published: 2010-06-20
  • About the author: WANG Hong-bing (born 1966), female, senior engineer, M.S.; main research interests: network security detection, information security

Abstract: To address the main attack behaviors facing the Internet backbone network, this paper proposes a modeling method based on attack behavior patterns. It designs a fast detection algorithm based on behavior pattern mining and proposes an algorithm for constructing an attack information tree on a two-page table structure (a 2-page hash table attack tree). Experimental results confirm that the detection method can detect known or unknown attacks in the backbone network in real time, and can locate and report the victim source.

Key words: attack detection, relation model, pattern mining

CLC number: