Task-Oriented Network Abnormal Behavior Detection Method. (30th June 2022)
- Record Type:
- Journal Article
- Title:
- Task-Oriented Network Abnormal Behavior Detection Method. (30th June 2022)
- Main Title:
- Task-Oriented Network Abnormal Behavior Detection Method
- Authors:
- Li, Tao
Dong, Wenzhe
Hu, Aiqun
Han, Jinguang
- Other Names:
- Babaie Shahram Academic Editor.
- Abstract:
- Since network systems have become increasingly large and complex, the limitations of traditional abnormal packet detection have gradually emerged. The existing detection methods mainly rely on the recognition of packet features, which lack the association of specific applications and result in hysteresis and inaccurate judgement. In this paper, a task-oriented abnormal packet behavior detection method is proposed, which creatively collects action identifications during the execution of network tasks and inserts security labels into communication packets. Specifically, this paper defines the network tasks as a collection of state and action sequences to achieve the fine-grained division of the execution of network tasks, performs Hash value matching based on random communication string and action identification sequence for packet authentication, and proposes a mechanism of action identification sequence matching and abnormal behavior decision-making based on a finite state machine, according to the fine-grained monitoring of task execution action sequence. Furthermore, to verify the validity of the anomaly detection method proposed in this paper, a prototype based on the FTP communication platform is constructed, on which the simulation experiments, including the DDOS attack and backdoor attack, are conducted. The experimental results show that the proposed task-oriented abnormal behavior detection method can effectively intercept network malicious data packets and realize the active security defense for network systems.
- Is Part Of:
- Security and communication networks. Volume 2022(2022)
- Journal:
- Security and communication networks
- Issue:
- Volume 2022(2022)
- Issue Display:
- Volume 2022, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 2022
- Issue:
- 2022
- Issue Sort Value:
- 2022-2022-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-06-30
- Subjects:
- Computer networks -- Security measures -- Periodicals
Computer security -- Periodicals
Cryptography -- Periodicals
005.805
- Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1939-0122
https://www.hindawi.com/journals/scn/
http://onlinelibrary.wiley.com/
- DOI:
- 10.1155/2022/3105291
- Languages:
- English
- ISSNs:
- 1939-0114
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 22329.xml