北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2011, Vol. 34 ›› Issue (3): 122-126.doi: 10.13190/jbupt.201103.122.yanghy

• 研究报告 • 上一篇    下一篇

网络自保护机制的新方法

杨宏宇,代其魁   

  1. 中国民航大学 计算机科学与技术学院, 天津 300300
  • 收稿日期:2010-06-28 修回日期:2010-12-29 出版日期:2011-06-28 发布日期:2011-03-29
  • 通讯作者: 杨宏宇 E-mail:yhyxlx@hotmail.com
  • 基金资助:

    国家高技术研究发展计划项目(2006AA12A106); 天津市科技支撑计划重点项目(07ZCKFGX01700); 中国民航科技基金项目(RKXZY0814); 中央高校基本科研业务费专项资金项目(ZXH2009A006, ZXH2010D009)

A Novel Approach for Network SelfProtection Mechanism

Hong-Yu YANG,Dai QiKui   

  • Received:2010-06-28 Revised:2010-12-29 Online:2011-06-28 Published:2011-03-29
  • Contact: Hong-Yu YANG E-mail:yhyxlx@hotmail.com

PDF

608

摘要:

针对目前网络安全防护技术的缺陷,提出一种基于异常分析的网络自保护机制. 为提高对网络攻击的检测能力和防护能力,提出一种基于多元异常分析的网络攻击检测算法. 该算法根据网络流测量指标的异常偏差值对其进行分类,对不同种类的网络流分配不同的路由调度优先级,可明显削弱网络攻击对正常网络通信流的影响. 实验结果表明,该自保护机制能显著提高网络系统应对分布式拒绝服务攻击的防护能力.

关键词: 自保护, 网络攻击, 异常分析, 机制

Abstract:

A network selfprotection mechanism based on abnormality analysis is presented aiming at deficiencies of current network security protection technologies. To improve the ability of detection and protection against network attacks, a network attack detection algorithm based on the multivariate abnormality analysis is proposed. The algorithm uses a metric of abnormal distance to classify the network flow into different types and prioritize the routing of the different network flow packets. In this way, the normal traffic flows can suffer the least impact from network attacks. Experiments show that our mechanism can significantly improve the network system’s protection ability against distributed denial of service attacks.

Key words: selfprotection, network attack, abnormality analysis, mechanism

中图分类号: 

版权所有 © 2018 《北京邮电大学学报》编辑部 京ICP备14033833号     在线人数:今日访问 当前在线 总访问

通信地址:北京市海淀区西土城路10号北京邮电大学195信箱    邮编:100876    电话:(010)62281995    QQ:307514248    微博    留言    电子邮箱:byxb@bupt.edu.cn