检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:卢琼 崔文超[1] LU Qiong;CUI Wen-chao(School of Control and Computer Engineering,North China Electric Power University,Beijing 102206,China)
机构地区:[1]华北电力大学控制与计算机工程学院
出 处:《信息技术》2020年第2期121-125,134,共6页Information Technology
摘 要:针对网络流量监测,文中以网络流量外在特征为分析对象,即不考虑网络流量的具体内容,可适用于加密流量。针对终端产生的明文流量,可执行业务协议异常监测。最后,结合业务流量异常分析和业务协议分析结果,综合考虑终端设备的物理层、网络层和协议层异常特征,建立终端设备的画像,刻画终端设备的网络访问状态。基于设备画像,结合特定攻击场景,可准确确定仿冒、恶意终端设备,实现异构全业务泛在电力物联网终端安全监控目标。For network traffic monitoring,this paper takes the external characteristics of network traffic as the analysis object,that is,the specific content of network traffic is not considered,which can be applied to encrypt traffic.Business protocol anomaly monitoring can be performed for the plaintext traffic generated by the terminal.Finally,based on the analysis of business traffic anomaly and business protocol analysis results,comprehensively consider the abnormal characteristics of the physical layer,network layer and protocol layer anomaly characteristics of terminal devices,establish the portrait of terminal devices and depict the network access state of terminal devices.Based on the device portrait and specific attack scenario,it is possible to accurately determine the phishing and malicious terminal equipment,and to achieve terminal security monitoring target of heterogeneous full service ubiquitous power IoT terminals.
分 类 号:TP301[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.144.229.52