计算机工程与应用 ›› 2010, Vol. 46 ›› Issue (26): 80-82.DOI: 10.3778/j.issn.1002-8331.2010.26.025

• 网络、通信、安全 • 上一篇    下一篇

网络服务伪装自动响应模型研究

邓慧娟,何聚厚   

  1. 陕西师范大学 计算机科学学院,西安 710062
  • 收稿日期:2009-11-02 修回日期:2010-02-24 出版日期:2010-09-11 发布日期:2010-09-11
  • 通讯作者: 邓慧娟

Automatic response model of network service camouflaging

DENG Hui-juan,HE Ju-hou   

  1. School of Computer Science,Shaanxi Normal University,Xi’an 710062,China
  • Received:2009-11-02 Revised:2010-02-24 Online:2010-09-11 Published:2010-09-11
  • Contact: DENG Hui-juan

摘要: 基于伪装网络服务监测跟踪攻击行为及过程,可以有效研究发现未知攻击方式及其特征。为使伪装网络服务能够自动响应不确定的攻击探测行为,引入了网络服务伪装自动响应模型。该模型对网络会话进行自学习生成状态机,利用经过特征提取的状态机进行模式匹配,进而构造网络会话响应内容。同时利用基于有色事件驱动状态变迁的思想对响应过程进行控制。实验结果验证了该模型的有效性。

关键词: 网络服务伪装, 自动响应模型, 状态图

Abstract: Monitoring and tracking attacks and its processes based on network service camouflaging can find out unknown attack and its characters.In order to response uncertain attacks automatically,automatic response model of network service camouflaging is introduced.This model builds state machine through self-learning from network services.Then it uses the extracted state machine to do the pattern matching and then constructs the content of the response.At the same time,the idea of CEST(Colored Event-driven State Transition) is introduced to control the response process.The experimental results verify the validity of this model.

Key words: network service camouflaging, automatic response model, state machine

中图分类号: