Article code | Journal code | Publication year | English article | Full-text version |
---|---|---|---|---|
6883955 | 1444210 | 2018 | 32-page PDF | Free download |
English title of the ISI article
FNF: Flow-net based fingerprinting and its applications
Related topics
Engineering and basic sciences
Computer engineering
Computer networks and communications

English abstract
Relationships among events in conventional system and network logs are not explicitly recorded and can only be determined by examining ancillary attributes of the events, such as time stamps and event identifiers, or sometimes the semantics of the event attributes with some learning algorithms. The accuracy of the event relations is subject to the design of the algorithms, the experience of the users of the algorithms, and the completeness and accuracy of the attributes and the semantics. On the other hand, a flow-net based logging approach builds comprehensive system and network logs in the form of directed acyclic graphs. Specifically, it records both flows of events and intersections of the flows, and the flows capture relations among the events explicitly in real time and allow tracking the events and analyzing event relations efficiently. Taking advantage of flow-net based logs, we propose a flow-net based fingerprinting (FNF) scheme to capture system or network behaviors, and design a fingerprint lookup algorithm to solve the fingerprint matching problem, i.e., to determine whether a flow-net log contains the behavior characterized by some behavior fingerprints. To demonstrate the effectiveness of the flow-net based fingerprinting scheme, we conduct evaluation experiments where we apply FNF to detecting a few known malicious behaviors in TCP/IP networks. The evaluation results demonstrate that FNF has superior computational efficiency to those based on conventional logging schemes.
Publisher
Database: Elsevier - ScienceDirect
Journal: Computers & Security - Volume 75, June 2018, Pages 167-181
Authors
Bo Fu, Yang Xiao, Hui Chen