检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]咸阳师范学院信息工程学院,陕西咸阳712000
出 处:《咸阳师范学院学报》2011年第2期49-53,共5页Journal of Xianyang Normal University
基 金:咸阳师范学院科研基金项目(07XSYK268)
摘 要:HTTP隧道是各种木马和间谍软件进行网络通信的主要途径,严重威胁了网络安全。比较有效的算法主要是统计指印方法,统计指印采用的特征较少,对训练集的依赖程度较高,算法的稳定性较差。决策树分类算法提取了网络数据流更多的有效特征。使用决策树分类算法对HTTP隧道数据进行了检测,通过实验结果对比,决策树算法的稳定性更好,精确度和效率更高。HTTP-tunnel is always used by Trojans and backdoors to avoid the detection of firewalls,and it is a threat of network security.There are a few methods in detection of HTTP-tunnel,and the statistical fingerprinting is an effective method.The method of statistical fingerprinting is instability because the features which the method using is few and its accuracy is determined by the volume of training set.In this method,we extracted more statistic features from the first four packets and the whole flows which were effective.We used the algorithm of C4.5 to train the classifier,and used the testing set to test the classifier.Comparing to the algorithm of fingerprint,the C4.5 algorithm had some advantages in stability,accuracy and efficiency in our experiment.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.185