###
DOI:10.15888/j.cnki.csa.006063
计算机系统应用英文版:2017,26(11):132-138
View/Add Comment     过刊浏览    高级检索     HTML
←前一篇   |   后一篇→
本文二维码信息
码上扫一扫!
面向高速混杂网络的被动式多维度主机指纹模型
张凯翔1, 刘琰1, 方文渊1, 刘莺迎2
(1.数学工程与先进计算国家重点实验室, 郑州 450000;2.河南牧业经济学院 信息与电子工程学院, 郑州 450000)
Passive Multi-Dimensional Host Fingerprint Model in High-Speed Hybrid Network
ZHANG Kai-Xiang1, LIU Yan1, FANG Wen-Yuan1, LIU Ying-Ying2
(1.China State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000, China;2.Information and Electronic Engineering of Henan Animal Husbandry College, Zhengzhou 450000, China)
摘要
图/表
参考文献
相似文献
本文已被:浏览 1598次   下载 1882
Received:February 16, 2017    Revised:March 16, 2017
中文摘要: 主机识别对于计算机网络犯罪取证、抵御匿名攻击具有重要意义.为了精确识别网络上的目标主机,首先给出了多维度主机指纹模型的定义和性质并进行了形式化描述,然后针对传统方法在主机指纹获取中存在可靠性及准确性不足的问题,综合主机硬件特征信息、主机软件环境特征信息和主机网络行为特征信息,提出了一种面向高速混杂网络流量的多维度主机指纹模型构建方法.实验结果表明,该模型在高速混杂网络下可以灵活有效提取主机特征信息,使用该模型构建多维度主机指纹模型,主机识别准确率达到93.33%,相比单维度主机指纹识别提高了近8个百分点,具有更高的可靠性和准确率,且不受IP地址变化的影响.
中文关键词: 主机识别  主机指纹  特征提取  特征选择
Abstract:Host identification is very important for computer forensics and anonymous attack resistance. In order to accurately identify the target host on the network, the definition and properties of the multi-dimensional host fingerprint model are given and formalized. Then, in view of the problem of reliability and accuracy of fingerprint acquisition, this paper proposes a multi-dimensional host fingerprint model for high-speed hybrid network traffic, which integrates the hardware characteristic information, host software environment characteristic information and host network behavior characteristic information. The experimental results show that the proposed model can extract data flexibly and efficiently in the high-speed hybrid network, and the multi-dimensional host fingerprint model can effectively identify the host with the accuracy of 93.33%, which has increased by nearly 8 percent compared with the single-dimension host fingerprint identification, and the multi-dimensional host fingerprint model is not affected by IP address changes. In general, the multi-dimensional host fingerprint model has higher reliability and accuracy compared with the single-dimensional host fingerprint identification.
keywords: host identification  host fingerprint  characteristics extraction  characteristics selection
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金(61309007, U1636219);国家重点研发计划课题(2016YFB0801303)
Author NameAffiliationE-mail
ZHANG Kai-Xiang China State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000, China  
LIU Yan China State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000, China ms_liuyan@aliyun.com 
FANG Wen-Yuan China State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000, China  
LIU Ying-Ying Information and Electronic Engineering of Henan Animal Husbandry College, Zhengzhou 450000, China  
Author NameAffiliationE-mail
ZHANG Kai-Xiang China State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000, China  
LIU Yan China State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000, China ms_liuyan@aliyun.com 
FANG Wen-Yuan China State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450000, China  
LIU Ying-Ying Information and Electronic Engineering of Henan Animal Husbandry College, Zhengzhou 450000, China  
引用文本:
张凯翔,刘琰,方文渊,刘莺迎.面向高速混杂网络的被动式多维度主机指纹模型.计算机系统应用,2017,26(11):132-138
ZHANG Kai-Xiang,LIU Yan,FANG Wen-Yuan,LIU Ying-Ying.Passive Multi-Dimensional Host Fingerprint Model in High-Speed Hybrid Network.COMPUTER SYSTEMS APPLICATIONS,2017,26(11):132-138

用微信扫一扫

Copyright:Institute of Software, Chinese Academy of Sciences
Postal address:4# South Fourth Street, Zhongguancun,Haidian, Beijing,Encoding:100190
Tel:010-62661041 Email:csa (a) iscas.ac.cn
Technical support:Beijing Qin Yun science and Technology Development Co., Ltd.