| 题名: |
Vertical Scanning Behavior Analysis of High-Frequency Superpoints |
| 作者: |
郭文仙,于海青,丁伟 |
| 杂志/会议: |
2022 IEEE 6th International Conference on Cryptography, Security and Privacy |
| 卷、期、页码: |
p114-118 |
| 时间: |
2022-01 |
| 关键词: |
internet traffic measurement, superpoints, time-frequency classification, vertical scanning, machine learning |
| 摘要: |
Access superpoint is a host that communicates with a large number of peers at the same time in the network, occupying a large number of network communication resources. Under the background that access superpoint detection algorithms have been developed relatively mature, the anomaly detection research based on this is the direction worth exploring at present. In terms of time, access superpoints can be divided into high-frequency, medium-frequency and low-frequency superpoints. Among them, high-frequency superpoints often contain important data resources and are the first choice for hackers to attack, while vertical scanning is a common pre-invasion method for attackers. Therefore, detecting and analyzing the vertical scanning behavior of high-frequency superpoints plays an important role in the protection of high-frequency superpoints. In this paper, a time-frequency attribute is defined for the detected access superpoints and a time-frequency classification algorithm based on sliding window is proposed. The experimental results show that the algorithm has a high accuracy of 98.26% in a high-speed network environment. The vertical scanning behavior was screened based on the rules. And XGBoost algorithm was used to generate a classifier that can distinguish the abnormal behaviors of high frequency superpoints caused by vertical scanning. The classifier can identify the abnormal behaviors of high frequency superpoints caused by vertical scanning with an accuracy of 93.19%. |
| 索引: |
|
|
全文链接
导出
|