A Software Deep Packet Inspection System for Network Traffic Analysis and Anomaly Detection.

Affiliations

School of Computer Science, Yangtze University, Jingzhou 434023, China.

Department of telecommunications, Lviv Polytechnic National University, Bandery 12, 79013 Lviv, Ukraine.

Publication information

Sensors (Basel). 2020 Mar 14;20(6):1637. doi: 10.3390/s20061637.

DOI:10.3390/s20061637
PMID:32183399
Full text: https://pmc.ncbi.nlm.nih.gov/articles/PMC7146318/
Abstract

In this paper, to solve the problem of detecting network anomalies, a method of forming a set of informative features formalizing the normal and anomalous behavior of the system on the basis of evaluating the Hurst (H) parameter of the network traffic has been proposed. Criteria to detect and prevent various types of network anomalies using the Three Sigma Rule and the Hurst parameter have been defined. A rescaled range (RS) method to evaluate the Hurst parameter has been chosen. The practical value of the proposed method is conditioned by a set of the following factors: low time spent on calculations, short time required for monitoring, the possibility of self-training, as well as the possibility of observing a wide range of traffic types. To implement the new DPI (Deep Packet Inspection) system, algorithms for analyzing and capturing traffic with protocol detection and determining statistical load parameters have been developed. In addition, algorithms that are responsible for flow regulation to ensure QoS (Quality of Service), based on the conducted static analysis of flows and the proposed method of detecting anomalies using the Hurst parameter, have been developed. We compared the proposed software DPI system with the existing SolarWinds Deep Packet Inspection for the possibility of network traffic anomaly detection and prevention. The created software components of the proposed DPI system increase the efficiency of using standard intrusion detection and prevention systems by identifying and taking into account new non-standard factors and dependencies. The use of the developed system in the IoT communication infrastructure will increase the level of information security and significantly reduce the risks of its loss.
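
The two building blocks named in the abstract, a rescaled range (RS) estimate of the Hurst parameter and a Three Sigma Rule test, are shown below as an added Python example; it is not the paper's code. The window length, chunk sizes, all function names, the specific criterion (flag a window whose H leaves the baseline mean ± 3σ) and the packets-per-second series are assumptions constructed for illustration.

```python
import math
import random
import statistics

def rescaled_range(chunk):
    """R/S: range of the cumulative mean-adjusted sums divided by the std."""
    mean = sum(chunk) / len(chunk)
    total = lo = hi = 0.0
    for x in chunk:
        total += x - mean
        lo, hi = min(lo, total), max(hi, total)
    std = statistics.pstdev(chunk)
    return (hi - lo) / std if std > 0 else None  # flat chunk: undefined

def hurst_rs(series, min_chunk=8):
    """Estimate H as the least-squares slope of log(R/S) against log(n)."""
    points, n = [], min_chunk
    while n <= len(series) // 2:
        rs = [rescaled_range(series[i:i + n])
              for i in range(0, len(series) - n + 1, n)]
        rs = [v for v in rs if v]  # drop undefined chunks
        if rs:
            points.append((math.log(n), math.log(sum(rs) / len(rs))))
        n *= 2
    if len(points) < 2:
        raise ValueError("series too short or too flat for an R/S fit")
    mx = sum(x for x, _ in points) / len(points)
    my = sum(y for _, y in points) / len(points)
    return (sum((x - mx) * (y - my) for x, y in points)
            / sum((x - mx) ** 2 for x, _ in points))

def three_sigma_bounds(baseline_h):
    """Assumed criterion: normal H lies within mean +/- 3 sigma of baseline."""
    mu, sigma = statistics.mean(baseline_h), statistics.stdev(baseline_h)
    return mu - 3 * sigma, mu + 3 * sigma

def is_anomalous(h, bounds):
    return not bounds[0] <= h <= bounds[1]

# Constructed sample data: packets per second, 512 samples per window.
rng = random.Random(2020)
def normal_window():
    return [1000 + rng.randint(-50, 50) for _ in range(512)]
def flood_window():  # same noise plus a steadily growing flood
    return [1000 + rng.randint(-50, 50) + 4 * t for t in range(512)]

BASELINE_H = [hurst_rs(normal_window()) for _ in range(12)]  # self-training
BOUNDS = three_sigma_bounds(BASELINE_H)
FLOOD_H = hurst_rs(flood_window())  # trending window: estimate near or above 1
FLOOD_FLAGGED = is_anomalous(FLOOD_H, BOUNDS)
```

Uncorrelated traffic gives an estimate somewhat above 0.5 because of the small-sample bias of the R/S method, which is why the baseline is learned from observed windows rather than fixed at 0.5.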


Similar articles

1
A Software Deep Packet Inspection System for Network Traffic Analysis and Anomaly Detection.
Sensors (Basel). 2020 Mar 14;20(6):1637. doi: 10.3390/s20061637.
2
Acceleration of Intrusion Detection in Encrypted Network Traffic Using Heterogeneous Hardware.
Sensors (Basel). 2021 Feb 6;21(4):1140. doi: 10.3390/s21041140.
3
Traffic Management in IoT Backbone Networks Using GNN and MAB with SDN Orchestration.
Sensors (Basel). 2023 Aug 10;23(16):7091. doi: 10.3390/s23167091.
4
A Deep Learning Ensemble for Network Anomaly and Cyber-Attack Detection.
Sensors (Basel). 2020 Aug 15;20(16):4583. doi: 10.3390/s20164583.
5
Artificial Intelligence-Based Anomaly Detection Technology over Encrypted Traffic: A Systematic Literature Review.
Sensors (Basel). 2024 Jan 30;24(3):898. doi: 10.3390/s24030898.
6
A Hybrid CPU/GPU Pattern-Matching Algorithm for Deep Packet Inspection.
PLoS One. 2015 Oct 5;10(10):e0139301. doi: 10.1371/journal.pone.0139301. eCollection 2015.
7
A Machine Learning-Based Anomaly Prediction Service for Software-Defined Networks.
Sensors (Basel). 2022 Nov 2;22(21):8434. doi: 10.3390/s22218434.
8
Anomaly traffic detection based on feature fluctuation for secure industrial internet of things.
Peer Peer Netw Appl. 2023 Apr 26:1-16. doi: 10.1007/s12083-023-01482-0.
9
GSOOA-1DDRSN: Network traffic anomaly detection based on deep residual shrinkage networks.
Heliyon. 2024 May 29;10(11):e32087. doi: 10.1016/j.heliyon.2024.e32087. eCollection 2024 Jun 15.
10
Malicious Network Traffic Detection Based on Deep Neural Networks and Association Analysis.
Sensors (Basel). 2020 Mar 6;20(5):1452. doi: 10.3390/s20051452.

Cited by

1
Intelligent algorithmic framework for detection and mitigation of BeiDou spoofing attacks in vehicular ad hoc networks (VANETs).
PeerJ Comput Sci. 2024 Oct 18;10:e2419. doi: 10.7717/peerj-cs.2419. eCollection 2024.
2
Quality Evaluation of Selected Organic Coatings Used on Roofing Sheets.
Materials (Basel). 2022 Feb 10;15(4):1310. doi: 10.3390/ma15041310.
3
Malicious Network Behavior Detection Using Fusion of Packet Captures Files and Business Feature Data.
Sensors (Basel). 2021 Sep 3;21(17):5942. doi: 10.3390/s21175942.
4
Energy Structure and Luminescence of CeF Crystals.
Materials (Basel). 2021 Jul 29;14(15):4243. doi: 10.3390/ma14154243.