Research On Detection And Control Of Network Malicious Flows

The network services and applications need more robust and securer networks. Meanwhile, the network intrusions and attacks have been become more pervasive and devastating, which threaten the security of Internet. Particularly, the larger-scale network malicious flows, including distributed denial-of-service (DDoS) attacks and self-propagating Worms, impact and impingement the security and robustness of the Internet deeply. Flushing in the Internet for the certain time and misusing the network resource, the high-bandwidth malicious flows breakage the key equipment elements of networks, reduce the Quality-of-Service (QoS) performance and demolish the availability and usability of networks. For the objective of effective network defenses of malicious flows, this dissertation focused the deep researches of detection and control for the malicious flows, including the followings:To detect the malicious flows, the dissertation proposed the network anomaly detection approach based on the Vector Quantization (VQ). The construction of network traffic usage profile is first important in anomaly detection. The data compression and VQ method were proposed to analysis the usage patterns of network traffic. By the similarity partition of network traffic usage space, the codebook of VQ can describe the network traffic usage profile accurately and achieved the usage space index via the VQ. Because of the large data in network traffic, the network anomaly detection needs more efficient algorithms. The fast Nearest-Neighbor search algorithm was proposed to accelerate the process of anomaly detection. It can reduce the unnecessary vector similarity measures, producing a large computation time saving and the high real-time performance of anomaly detection system. At last of this part, the overall performance evaluation and analysis comparison ware achieved to validate the effective of methods.The dissertation analyzed the malicious flow behavior based on the resource control and allocation-competition. Furthermore, the network resource control model for malicious flows was proposed analyze the relationships of resource allocation fairness, network robustness and network control. The characters of...