Computer Engineering ›› 2013, Vol. 39 ›› Issue (7): 165-168,172. doi: 10.3969/j.issn.1000-3428.2013.07.037

• Security Technology •

Network Abnormal Flow Behavior Detection Based on BF Algorithm

YAN Fa-wen, HUANG Min, WANG Zhong-fei

  1. (College of Computer Science and Technology, Southwest University of Science and Technology, Mianyang 621000, China)
  • Received: 2012-06-15 Online: 2013-07-15 Published: 2013-07-12
  • About the authors: YAN Fa-wen (born 1987), male, master's degree, main research interest: network security; HUANG Min, associate professor; WANG Zhong-fei, master's degree
  • Supported by:
    Liaoning Province Industrial Key Research Program Fund Project (2010216007)

Abstract: Abnormal flow behavior on the Internet causes harm such as Web content that is difficult to manage, consumed network bandwidth, and the spread of viruses. To address this problem, this paper proposes an abnormal flow detection method based on the Bloom Filter (BF) algorithm. Taking Peer-to-Peer (P2P) traffic as the detection target, it analyzes the BF algorithm and the traditional sampling method, studies the common characteristic behaviors of P2P traffic, counts their attribute combinations, and detects abnormal flow behavior by combining the high space efficiency of BF with the sampling method. Experimental results show that the method accelerates the detection of abnormal flow behavior and improves detection accuracy.

Key words: abnormal flow, Distributed Denial of Service (DDoS) attack, Peer-to-Peer (P2P) network, Bloom Filter (BF) algorithm, sampling method, behavior
