期刊文献+

背景流量中报文负载的字典构造方法 被引量:1

A method of constructing payload of packets in background traffic with dictionary
下载PDF
导出
摘要 背景流量的构造是决定网络测试质量的重要方面.在目前背景流量的生成中,报文的负载一般采用随机串进行全部或部分填充.该方法容易引入误报,造成测试结果的不准确,所构造的流量中报文对被测系统的压力不可控制,在实时测试中随机串的生成降低了测试系统的性能,而在离线测试中为存储负载中的随机串需要庞大的空间.针对这种方法的不足,设计了一种字典填充方法,报文的负载从字典中选取,而字典的内容从被测设备所能监控的网络事件的特征中提取.该方法可以减少随机串方法所带来的问题,实验证明是有效的. The background traffic generation becomes an important part for the network test.Nowadays the payload of packets in the background traffic is usually constructed with random strings.Such a method may bring about many problems,such as unexpected test results which can reduce the accuracy of the test,unexpected processing pressure to the tested system,and performance decrease of the testing system when generating the background traffic in a real-time mode.Furthermore,the storage of such random data for offline test requires much of space.To tackle these problems,a novel method is proposed,which uses the variety of the feature patterns whose ware was abstracted from possible traffic to construct a payload dictionary,and the background traffic payload was composed of the dictionary.The experiments show that this method is efficient,and can reduce the problems caused by the random payload.
出处 《大连理工大学学报》 EI CAS CSCD 北大核心 2005年第z1期237-241,共5页 Journal of Dalian University of Technology
基金 国家973计划课题资助项目(2003CB314803) 江苏省网络与信息安全重点实验室资助项目(BM2003201)
关键词 背景流量 报文负载 字典 网络测试 background traffic payload dictionary network test
  • 相关文献

参考文献5

  • 1[1]RANUM M J. Experiences benchmarking intrusion detection systems[EB/OL]. [S.l.]:NFR Security, Inc, 2001[2005-07-05]. http://www.snort.org/docs/Benchmarking-IDS-NFR.pdf. 被引量:1
  • 2[2]MELL P, HU V. An overview of Issues in testing intrusion detection systems[EB/OL].[S.l.]:NIST, 2003[2005-07-05]. http://csrc.nist.gov/publications/nistir/nistir-7007.pdf. 被引量:1
  • 3[3]MCHUGH J. Testing intrusion detection systems: A critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory[J]. ACM Transactions on Information and System Security, 2000, 3(4): 262-294. 被引量:1
  • 4汪洋,龚俭.入侵检测系统评估方法综述[J].计算机工程与应用,2003,39(32):171-173. 被引量:10
  • 5[5]ANTONATOS S, ANAGNOSTAKIS K G, MARKATOS E P. Generating realistic workloads for network intrusion detection systems[A]. Proceedings of the Fourth International Work-shop on Software and Performance[C]. [S.l.]:ACM Press, 2004. 被引量:1

二级参考文献13

  • 1Richard Lippmann,Robert K Cunningham et al.Results of the DARPA 1998 Offline Intrusion Detection Evaluation[R].MIT Lincoln Laboratory, 1999. 被引量:1
  • 2Richard Lippmann et al.Proposed 1999 DARPA Off-line Intrusion Detection Evaluation Plans[R].MIT Lincoln Laboratory, 1999. 被引量:1
  • 3J W Hains,Richard Lippmann et a1.1999 DARPA Intrusion Detection Evaluation:Design and Procedures[R].MIT Lincoln Laboratory,2001. 被引量:1
  • 4Richard Lippmann et al.The 1999 DARPA Off-Line Intrusion Detection Evaluation[R].Lincoln Laboratory MIT,244 Wood Street,Lexington,MA 02173-9108,2001. 被引量:1
  • 5Terrenee G Champion,Robert S Durst.Air Force Intrusion Detection System Evaluation Environment[R].Air Force Research Laimratory, 1999. 被引量:1
  • 6Dominique Alessandri.Using Rule-Based Activity Descriptions to Evaluate Intrusion-Detection System[R].Switzerland,IBM Research Laboratory Zurich,2000-10. 被引量:1
  • 7The Evolution of Intrusion Detection Technology.ISS white paper. 被引量:1
  • 8Terrence Champion.A benchmark evaluation of network intrusion detection systems[C].In:Aerospace Conference,IEEE Proceedings,2001. 被引量:1
  • 9The Common Intrusion Detection Framework Architecture[S]. 被引量:1
  • 10Nicholas J Puketza et al.A Methodology for Testing Intrusion Detection System[J].IEEE Trans on Software Engineering,1996;22(10): 720-728. 被引量:1

共引文献9

同被引文献7

引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部