摘要
基于网络自保护理论和多元异常分析方法,提出一种网络攻击自主防护机制.根据PDRR理论模型,设计网络自保护系统主要功能模块.运用多元异常分析方法,提出基于网络流的多元异常分析网络攻击检测算法.该算法根据网络流测量指标的异常偏差值对其分类,并对分类网络流分配路由调度优先级,削弱网络攻击对正常网络通信流的影响.实验结果表明,提出的网络自主防护机制能显著提高网络系统应对攻击行为的防御能力.
A network self-protection mechanism against network attacks was proposed based on the network self-protection theory and multivariate abnormality analysis.According to PDRR theory model,the main function modules of network self-protection system were designed.By applying multivariate abnormality analysis theory,a flow-based multivariate abnormality analysis network attack detection algorithm was proposed.The algorithm uses a metric of abnormal distance to classify network flow into different types and prioritize the routing of different network flow packets,thus reducing the impact of network attacks against the normal traffic flow.Experimental results demonstrate that the proposed mechanism can significantly protect the network against attacks.
基金
国家自然科学基金(60776807
61179045)
中国高技术研究发展(863)计划(2006AA12A106)
天津市科技支撑计划重点项目(09JCZDJC16800)
中国民航科技基金(MHRD201009
MHRD201021)
中央高校基本科研业务费专项(ZXH2009A006
ZXH2010D009)资助
关键词
自主防护
网络安全
异常分析
网络流
self-protection
network security
abnormality analysis
network flow
