
Journal of KIISE


Title: A Malicious Traffic Detection Method Using X-means Clustering
Authors: Myoungji Han, Jihyuk Lim, Junyong Choi, Hyunjoon Kim, Jungjoo Seo, Cheol Yu, Sung-Ryul Kim, Kunsoo Park
Citation: VOL 41 NO. 09 PP. 0617 ~ 0624 (2014. 09)
Abstract

Malicious traffic, such as DDoS attacks and botnet communications, refers to traffic that is generated for the purpose of disturbing internet networks or harming certain networks, servers, or hosts. As malicious traffic has been constantly evolving in terms of both quality and quantity, much research has been devoted to countering it. In this paper, we propose an effective malicious traffic detection method that applies the existing X-means clustering algorithm. In particular, we systematically present how to analyze the statistical characteristics of malicious traffic and how to define the metrics used for clustering. Finally, we verify the effectiveness of our method through experiments on two publicly released traffic datasets.
Keywords: malicious traffic, DDoS attack, botnet, clustering, metrics