| 基于NetFlow流量分析的网络蠕虫检测算法 |
| |
| 引用本文: | 吴国东,黄牛,刘巍.基于NetFlow流量分析的网络蠕虫检测算法[J].船电技术,2010,30(11):25-27. |
| |
| 作者姓名: | 吴国东 黄牛 刘巍 |
| |
| 作者单位: | 武汉第二船舶设计研究所,武汉;武汉第二船舶设计研究所,武汉;武汉第二船舶设计研究所,武汉 |
| |
| 摘 要: | 网络蠕虫是网络安全中的一个重要议题,为了及时检测网络蠕虫,本文基于NetFlow协议提出了一种网络蠕虫的检测算法。该文介绍了NetFlow数据报的格式,提供了常见蠕虫病毒的NetFlow数据报的特征。统计了待检测网络流量特征,将此流量特征与正常网络流量特征进行对比,判断网络中是否存在蠕虫病毒。测试结果表明,该算法能够有效地检测网络蠕虫病毒。
|
| 关 键 词: | NetFlow 网络蠕虫 入侵检测 DoS 流量分析 |
Network Worm Detection Algorithm Based on NetFlow Traffic Analysis |
| |
| Wu Guodong,Huang Niu,Liu Wei.Network Worm Detection Algorithm Based on NetFlow Traffic Analysis[J].Marine Electric & Electronic Technology,2010,30(11):25-27. |
| |
| Authors: | Wu Guodong Huang Niu Liu Wei |
| |
| Institution: | Wu Guodong,Huang Niu,Liu Wei (Wuhan Second Ship Design and Research Institute,Wuhan 430064,China) |
| |
| Abstract: | Network worm is a very important problem in network security. In this paper, a network worm detecting algorithm is proposed based on NetFlow protocol. The netflow datagram is introduced and some known worms are listed. It generalizes the flow specializations of the network to be detected, and compares the specializations with those of normal networks to determine exist of worms. The tests show that this algorithm can detect network worms effectively. |
| |
| Keywords: | NetFlow network worm Intrusion detecting DoS NetFlow analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
