Fast Identity Tracking Method for Network Attack Based on Network Entropy


Authors: 樊凯, 冯国聪, 刘祥 (FAN Kai; FENG Guo-cong; LIU Xiang) (China Southern Power Grid Co., Ltd., Guangzhou 510000, China; China Southern Power Grid Digital Grid Research Institute Co., Ltd., Guangzhou 510663, China)

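Affiliations: [1] China Southern Power Grid Co., Ltd., Guangzhou, Guangdong 510000; [2] China Southern Power Grid Digital Grid Research Institute Co., Ltd., Guangzhou, Guangdong 510663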

Source: Techniques of Automation and Applications (《自动化技术与应用》), 2022, No. 12, pp. 101-104, 151 (5 pages in total)

Abstract: To address the problem that traditional visual tracking methods yield inaccurate fast identity tracking results when quantitatively evaluating network attacks, a fast identity tracking method for network attacks based on network entropy is proposed. The channel utilization and network delay indexes are normalized, and the effect of a network attack is quantitatively evaluated in combination with network entropy. Based on the structure of the query-type tracking packet, an adaptive collaborative tracking mechanism based on network entropy is formulated, determining the information tag domain, the information domain and the tracking tag domain. Preliminary collaborative tracking determines the characteristic information of the attack alarm; combined with the deep collaborative tracking steps, the attack path is reconstructed to achieve fast tracking. The experimental results show that, in the DDoS attack mode, the network attack identity, transmission path and abnormal high and low points obtained by the method are all consistent with the actual data, and the method produces accurate tracking results.

Keywords: network entropy; network attack; fast identity tracking; quantitative evaluation

Classification number: TP393.08 [Automation and Computer Technology: Computer Application Technology]

 
