| This thesis focuses on obtained ICMP dataflow information from the Regional Network Center Routers. CURE clustering algorithm for the use of ICMP data flow for cluster analysis. The results of the high similarity ICMP packets were together in a cluster and advanced treatment. There are many types of ICMP. In the paper, we mainly target ICMP will pose serious threats to the six types of cluster analysis. To make the results easy to observe, Finally, we use of cluster and the overall average frequency of occurrence compared ICMP graphics to express the emergence of clusters in the law of ICMP.ICMP characteristics of the agreement itself determines that it is easy to be used for attacks on the network routers and hosts. It is this large number of ICMP packets sent to the network switching system load caused great to allow for the exchange of information can not be smooth. Hosts on the network if infected with the virus with the ICMP, is a very obvious is the characterization of a large number of outgoing ICMP packets. So, a certain amount of time outside the host send a certain number of ICMP packets that can be regarded as infected with a virus. We analysis of ICMP packet clustering results. Study of the cluster in the frequency of various types of ICMP. Thus the focus of research shifted to the various types of ICMP on the cluster, the results and help guide the ICMP traffic Detecting, and is no longer the law of large number of non- Detecting of the ICMP data. |
PDF Full Text Request