北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2009, Vol. 32 ›› Issue (6): 28-31.doi: 10.13190/jbupt.200906.28.qiuxs

• 论文 • 上一篇    下一篇

企业IT网络异常流量综合检测模型

邱雪松;陈坚;郭海生;高志鹏   

  1. (1.北京邮电大学 网络与交换技术国家重点实验室, 北京 100876;
    2.中兴通讯技术股份有限公司 网管产品部, 南京 210012)
  • 收稿日期:2009-03-22 修回日期:1900-01-01 出版日期:2009-12-28 发布日期:2009-12-28
  • 通讯作者: 邱雪松

Anomaly Traffic Integrated Detection Model for Enterprise IT Network

QIU Xue-song;CHEN Jian;GUO Hai-sheng;GAO Zhi-peng   

  1. (1.State Key Laboratory of Networking and Switching Technology, Beijing Univers
    ity of Posts and Telecommunications, Beijing 100876, China;
    2.Network Management Product Department, Zhongxing Telecommunication Equipment
    Limited, Nanjing 210012, China)
  • Received:2009-03-22 Revised:1900-01-01 Online:2009-12-28 Published:2009-12-28
  • Contact: QIU Xue-song

PDF

429

摘要:

结合企业内部信息技术网络特点,提出了用时间窗比较进行网络异常流量检测的新算
法. 将新算法同已有的静态、动态检测算法相结合,提出了网络异常流量综合检测模型. 该
模型可通过不同方法和角度进行比较,以发现网络中是否存在异常流量. 通过实际实现和
测试验证了模型的有效性.

关键词: 网络异常, 异常检测, 网络管理

Abstract:

A new algorithm of the network anomaly traffic detection by using time windows comparing method is proposed based on the feature of enterprise information technology (IT) network traffic. Then, combining the new algorithm, the present static detection algorithm and the dynamic detection algorithm, the integrated detection model of network anomaly traffic is proposed. The model can check the network anomaly traffic by comparison methods by different ways and from different views. Finally, the availability of model is validated by implementation and testing of model in real environment.

Key words: network anomaly traffic, anomaly detection, network management

版权所有 © 2018 《北京邮电大学学报》编辑部 京ICP备14033833号     在线人数:今日访问 当前在线 总访问

通信地址:北京市海淀区西土城路10号北京邮电大学195信箱    邮编:100876    电话:(010)62281995    QQ:307514248    微博    留言    电子邮箱:byxb@bupt.edu.cn