Abstract: Abnormal Internet traffic makes Web content difficult to manage, consumes network bandwidth, and spreads viruses. To address this problem, this paper proposes an abnormal flow detection method based on the Bloom Filter (BF) algorithm. Taking Peer-to-Peer (P2P) traffic as the detection target, it analyzes the BF algorithm and the traditional sampling method, studies the characteristic behaviors common to P2P traffic, and counts their attribute combinations. It then detects abnormal flow behavior by combining the high space efficiency of the BF algorithm with the sampling method, so that abnormal flow can be detected and controlled effectively. Experimental results show that the method accelerates the detection of abnormal flow behavior and improves detection accuracy.

Key words: abnormal flow, Distributed Denial of Service (DDoS) attack, Peer-to-Peer (P2P) network, Bloom Filter (BF) algorithm, sampling method, behavior

YAN Fa-Wen, HUANG Min, WANG Zhong-Fei. Network Abnormal Flow Behavior Detection Based on BF Algorithm[J]. Computer Engineering, 2013, 39(7): 165-168, 172.