ANALYSIS OF NETWORK SECURITY MONITORING METHODS - Problems of Information Technology

AZERBAIJAN NATIONAL ACADEMY OF SCIENCES

No. 1, 2014

ANALYSIS OF NETWORK SECURITY MONITORING METHODS

Alguliev Rasim M., Imamverdiyev Yadigar N., Nabiyev Babek R.

Network security monitoring is a pressing task for ensuring the continuous and reliable operation of computer networks. The article defines the tasks and functions of network security monitoring, examines intelligent methods of network security monitoring, including methods for classifying and clustering network traffic, and identifies a number of important research problems. (pp. 60-68)

Keywords: information security, network security monitoring, network traffic analysis, traffic classification, traffic clustering