【摘要】：惡意的不法分子采用直接或間接的方法攻擊個人、機構、國家,從而使其遭受不同程度的威脅。此類信息的形式多種多樣,數(shù)據(jù)量巨大,而且需要被高速地處理。因此,首先對5種典型的協(xié)作式檢測模型Esper,Hadoop,Agilis,Storm和Spark進行分析、比較,闡述不同模型所適用的網(wǎng)絡環(huán)境;然后對網(wǎng)絡環(huán)境中常用的攻擊手段DDoS,MITM,APT進行分析,說明檢測這些攻擊適合采用的模型;最后給出威脅的協(xié)作式檢測架構模型部署方案,該方案包括發(fā)送和接收處理兩個組件,并指出可根據(jù)實際需要進行不同模型的架構部署;特別地,給出了對等網(wǎng)絡、分等級的安全域網(wǎng)絡、分層結構網(wǎng)絡中架構模型的部署方案。
[Abstract]:Malicious wrongful elements use direct or indirect methods to attack individuals, institutions, and countries, so that they are subjected to varying degrees of threat. The form of such information is varied, the amount of data is huge, and it needs to be processed at high speed. Therefore, 5 typical cooperative detection models, Esper, Hadoop, Agilis, Storm and Spark, are analyzed first. The network environment suitable for different models is described, and then the common attack means DDoS, MITM, and APT in the network environment are analyzed to illustrate the model for detecting these attacks. Finally, the cooperative detection architecture model deployment scheme is given, which includes two components of sending and receiving processing, and pointing out that the scheme can be based on the reality. In particular, the deployment schemes of peer-to-peer network, hierarchical security domain network and hierarchical architecture model are given.
【作者單位】： 信息工程大學數(shù)學工程與先進計算國家重點實驗室;
【基金】：國家自然科學基金項目(61201220,61309018) 國家973計劃項目(2012CB315901) 十二五預研項目資助
【分類號】：TP393.08
，

本文編號：2160073