| 基于广义和校准马氏距离对IP地址威胁程度的诊断 |
| |
| 作者姓名: | 钞婷 李启寨 刘卓军 孙才 孙云刚 |
| |
| 作者单位: | 1. 中国科学院数学与系统科学研究院, 北京 100049;
2. 中国互联网络信息中心, 北京 100190 |
| |
| 基金项目: | 国家自然科学基金(11371353)和中国互联网络信息中心研究课题(DNSLAB-2012-N-U)资助 |
| |
| 摘 要: | 域名系统(DNS)是互联网的重要组成部分.维护DNS健康安全对整个互联网的正常运行具有十分重要的意义.通过监测并屏蔽对域名服务器具有潜在威胁的用户IP地址,达到维护DNS健康安全的目的.本文提出基于广义和校准的马氏距离2种方法,综合多个指标对IP地址的威胁程度进行诊断.这2种方法可以解决协方差阵不可逆的情形.将2种改进的马氏距离应用到实际访问DNS报文数据分析中,结果表明,它们在诊断IP的威胁程度上是非常有效的.
|
| 关 键 词: | DNS 广义马氏距离 校准马氏距离 IP威胁程度 综合诊断 |
| 收稿时间: | 2013-12-31 |
| 修稿时间: | 2014-03-31 |
Diagnosis of threat degree of IP addresses based on the generalized and regularized Mahalanobis distances |
| |
| Authors: | CHAO Ting LI Qizhai LIU Zhuojun SUN Cai SUN Yungang |
| |
| Institution: | 1. Academy of Mathematics and Systems Science, Chinese Academy of Sciences, Beijing 100049, China;
2. China Internet Network Information Center, Beijing 100190, China |
| |
| Abstract: | The domain name system (DNS) plays an important role in the internet, and maintaining its health and security is significant to the normal operation of the entire internet. To this end, we detect and shield the IP addresses that have potential threats to the name servers. We propose the generalized and regularized Mahalanobis distances to diagnose the threat degree of IP addresses. Both the methods efficiently solve the issue where the covariance matrix is singular. Real data analysis shows that the two proposed distances are very efficient in the diagnosis of threat degree of IP addresses. |
| |
| Keywords: | DNS generalized Mahalanobis distance regularized Mahalanobis distance IP address threat degree diagnosis |
| 本文献已被 CNKI 等数据库收录! |
| 点击此处可从《》浏览原始摘要信息 |
| 点击此处可从《》下载免费的PDF全文 |
