[1] |
FONSECA N , CROVELLA M , SALAMATIAN K . Long range mutual information[J]. ACM SIGMETRICS Performance Evaluation Review, 2008,36(2): 32-37.
|
[2] |
LEE W , XIANG D . Information-theoretic measures for anomaly detection[A]. Proceedings of IEEE Symposium on Security and Privacy[C]. Oakland,CA, 2001. 130-143.
|
[3] |
FEINSTEIN L , SCHNACKENBERG D , BALUPARI R ,et al. Statistical approaches to DDoS attack detection and response[A]. Proceedings of DARPA Information Survivability Conference and Exposition (DISCEX)[C]. Washington DC,USA, 2003. 303-314.
|
[4] |
WAGNER A , PLATTNER B . Entropy based worm and anomaly detection in fast ip networks[A]. Proceedings of the 14th IEEE International Workshops Enabling Technologies:Infrastructure Collaborative Enterprise[C]. Washington DC,USA, 2005. 172-177.
|
[5] |
刘衍珩, 忖枫, 朱建启 等. 基于活跃熵的 DoS 攻击检测模型[J]. 吉林大学学报(工学版), 2011,41(4): 1059-1064. LIU Y H , FU F , ZHU J Q ,et al. DoS detection model base on alive entropy[J]. Journal of Jilin University(Engineering and Technology Edition), 2011,41(4): 1059-1064.
|
[6] |
田杨 . 基于NetFlow的异常流量检测研究与实现[D]. 长沙:国防科学技术大学, 2009. TIAN Y . Anomaly Traffic Detection Research and Implementation Base on NetFlow[D]. Changsha:National University of Defense Technology, 2009.
|
[7] |
王志 . 基于NetFlow的流量统计分析系统设计与实现[D]. 北京:北京邮电大学, 2007. WANG Z . Design and Implementation of a Network Traffic Measurement and Analysis System Based on NetFlow[D]. Beijing:Beijing University of Posts and Telecommunications, 2009.
|
[8] |
FELDMANN A , GREENBERG A , LUND C ,et al. Deriving traffic demands for operational IP networks:methodology and experience[J]. IEEE/ACM Transactions on Networking, 2001,9(3): 265-279.
|
[9] |
FANG W , PETERSON L . Inter-AS traffic patterns and their implications[A]. Proceedings of the 4th Global Internet Symposium[C]. 1999. 1859-1868.
|
[10] |
BROWNLEE N , CLAFFY K C . Understanding Internet traffic streams:dragonflies and tortoises[J]. Communications Magazine,IEEE, 2002,40(10): 110-117.
|
[11] |
KOHLER E , LI J , PAXSON V ,et al. Observed structure of addresses in IP traffic[J]. IEEE/ACM Transactions on Networking, 2006,14(6): 1207-1218.
|
[12] |
DUFFIELD N , LUND C , THORUP M . Estimating flow distributions from sampled flow statistics[J]. IEEE/ACM Transactions on Networking, 2005,13(5): 933-946.
|
[13] |
KUMAR A , SUNG M , XU J J ,et al. Data streaming algorithms for efficient and accurate estimation of flow size distribution[A]. Proceedings of ACM SIGMETRICS[C]. 2004. 177-188.
|
[14] |
YANG L , MICHAILIDIS G . Sampled based estimation of network traffic flow characteristics[A]. INFOCOM 2007 the 26th IEEE International Conference on Computer Communications[C]. 2007. 1775-1783.
|
[15] |
刘华文 . 基于信息熵的特征选择算法的研究[D]. 长春:吉林大学, 2010. LIU H W . A Study on Feature Selection Algorithms Using Information Entropy[D]. Changchun:Jilin University, 2010.
|
[16] |
Snort,the open sou rce network intru sion detection system[EB/OL]..
|
[17] |
曾嘉, 金跃辉, 叶小卫 . .基于NetFlow的网络异常流量检测[J]. 微计算机应用, 2007,28(7): 709-713. CENG J , JIN Y H , YE X W . NetFlow-based anomaly traffic analyzer[J]. Microcomputer Applications, 2007,28(7): 709-713.
|
[18] |
张国祥 , 基于 NetFlow 的校园网异常流量检测方法的实现与分析[D]. 呼和浩特:内蒙古农业大学, 2011. ZHANG G X . Implementation and Analysis of Campus Network Anomaly Traffic Detection Based on NetFlow[D]. Huhehot:Inner Mongolia Agricultural University, 2011.
|