检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:武飞[1] 曾凡平[1,2] 张辉[1] 董齐兴[1]
机构地区:[1]中国科学技术大学计算机科学与技术学院,合肥230026 [2]安徽省计算与通讯软件重点实验室,合肥230026
出 处:《小型微型计算机系统》2014年第8期1711-1716,共6页Journal of Chinese Computer Systems
基 金:安徽省自然科学基金项目(11040606M131)资助
摘 要:基于载荷特征的IP流分类技术的准确性较高,但是该分类技术的基础是提取出准确的载荷特征.目前大部分应用的载荷特征依靠手工逆向分析数据包结构来进行提取.然而手工分析提取应用产生的数据包是十分耗时的,特别是对于一个未知的应用.鉴于此,本文设计并实现了一种把固定位置载荷特征和载荷特征公共子串相结合的载荷特征自动提取算法.该算法可以自动提取应用层载荷特征并构造出正则表达式.除了可以提取出公共特征串之外,还可提取出很多特征提取算法所忽略的固定位置的单字节特征.实验结果验证了算法的有效性和准确性.The classification of IP flow based on the payload signatures is quite accurate, but the basis of the classification method is extracting an accurate payload signature. At present the payload signatures of most applications are generated based on inverse analysis of the packet structures manually. However, analyzing the packets generated by applications manually is time-consuming, especially for an unknown application. Due to this, the paper devises and implements an algorithm for automatic generation of the payload sig- natures, which combine the fixed-position payload signatures with the common substrings of the signatures. This algorithm can gener- ate the payload signatures of the application layer and construct the regular expressions of the signatures automatically. In addition to generating the common signatures, this algorithm can also generate the fixed-position one-byte-signature which is usually ignored by many algorithms for generating payload signatures. The experimental results verify the effectiveness and accuracy of the proposed al- gorithm.
分 类 号:TP311[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.249