CN105915399B - A kind of network risks source retroactive method based on backpropagation - Google Patents
A kind of network risks source retroactive method based on backpropagation Download PDFInfo
- Publication number
- CN105915399B CN105915399B CN201610482278.6A CN201610482278A CN105915399B CN 105915399 B CN105915399 B CN 105915399B CN 201610482278 A CN201610482278 A CN 201610482278A CN 105915399 B CN105915399 B CN 105915399B
- Authority
- CN
- China
- Prior art keywords
- node
- infected
- risk
- network
- source
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of network risks source retroactive method based on backpropagation, comprising: will be ready monitored user setting in network for monitoring node and be monitored;Mark all infected monitoring nodes, it is infected the risk of time difference Flooding broadcast label in extracted network topology from infected monitoring node according to monitoring node, the node of all label risks can be received in statistics network topology simultaneously and the node is added in the set of potential risks source;Based on the dynamic of potential risks source set and network node condition conversion during Risk of Communication, the microcosmic propagation model of network risks is established;Based on the microcosmic propagation model, risk source is positioned from the set of the potential risks source using Maximum Likelihood Estimation Method.The method of the present invention can obtain more accurate network risks by comparing small calculation amount and trace to the source result under the premise of protecting most privacy of user.
Description
Technical field
This invention belongs to the information security field of online network.It specifically, is a kind of extensive online by monitoring
Fraction of subscribers in network, in a network after occurrence risk (rumour, worm-type virus, electric network fault) communication events, safe people
Member can quickly, be accurately inferred to according to limited monitoring information and network topology Risk of Communication source user (rumormonger,
Worm propagation source) method.
Background technique
The widely available of internet is easier us by rumour in disparate networks risk, such as online social networks wantonly
Meaning is propagated, and the Network Isolation failure of a large amount of hosts of virus infection on internet, smart grid leads to major power outage etc..Every year,
The loss of finance caused by due to these network risks and the wealth of society is countless.
Rumour, computer virus and smart power grid fault are all the network risks propagated in heterogeneous networks, in order to
Cope with these network risks, in a network by technological means trace back to they propagate sources very it is necessary to.Firstly, from the administration of justice
The angle of evidence obtaining, accurate positioning " cybercriminal " (rumormonger, virus-spreader) is extremely important, can provide technology evidence to beat
Hit cybercriminal.Facilitate the generation for determining network risks in time in addition, tracing back to network risks as quickly as possible and propagating source
Reason intervenes as early as possible it loss caused by can reducing to the full extent these network risks.Most efficient method is to complete
Network users are monitored, and know the infected absolute time of each user to judge that infected user is risk at first
Propagating source.But there are two significant drawbacks for processing in this way: on the one hand often scale is excessive for real-life network, the whole network prison
It is too high to control cost;On the other hand for the demand to secret protection, people are unwilling monitored in most cases and receive
Data acquisition.For example, the user experience plan of microsoft operation system and various antivirus softwares are solicited often through pop-up window
Whether user agrees to submit local safe operation log, and claims that these data can preferably protect user.However, big absolutely
Most users generally select refusal.Monitored user is ready this requires we can only monitor minority in network, is passed in risk
After broadcasting event generation, global propagation is speculated using efficient algorithm by the status information of these monitored nodes
Face, to obtain the propagation source of network risks.
For technological layer, this kind of research can be referred to as source retrospect problem, and purpose is namely based on limited network
The safe condition of structure knowledge and part of nodes comes the propagation source of localization message or network risks.It is traditional in academia
Source trace-back technique has IP tracking and stepping-stone detection, but they are not usually effective.This is because they are only
It can determine that the source of data packet is usual from the true source of the data packet of some intended recipient, and in actual communication process
Only network risks propagate participant, turn originator rather than true source.Risk of Communication source is efficiently positioned to be more acurrate, urgently
It needs to trace problem in the level of the application and logical construction design more advanced algorithm of application and technology to handle source, and not only
It is only to carry out retrospect source using the log information of IP layers and data packet forwarding.
In recent years, many researchers had done relevant work to source retrospect problem.Initial research just for
The tree network that traditional SI model is propagated, further occur in tree network with other propagation models such as SIS, SIR's
Source traces algorithm.As technology further develops, source retrospect algorithm is no longer limited to tree network, starts to general networking
The structure risk problem of tracing to the source is studied.In general, source retrospect otherwise it is optimal to seek by the calculating of tight, high complexity
Solution or Best Times performance is realized by simplified heuritic approach.But these algorithms are generally existing great
It is insufficient.Computationally intensive first (needing all users in test network), secondly positioning is not very accurate.Chinese Academy of Sciences's classification
The 1 upper survey article delivered in 2014 of area periodical IEEE Communications Surveys and Tutorials of the world
《Identifying Propagation Sources in Networks:State-of-the-Art and Comparative
Studies " point out academic circles at present it is more advanced source retrospect 80% or more algorithm will navigate to 2~4 network topologies away from
From errors present (being calculated according to hops), therefore be not able to satisfy actual needs.There is an urgent need for more efficient for academia and industry
Risk source searching method solve this problem.
Summary of the invention
It is an object of the invention to overcome the deficiencies in the prior art, propose a kind of network risks source based on backpropagation
Retroactive method.This method can obtain more under the premise of protecting most privacy of user by comparing small calculation amount
It traces to the source for accurate network risks and judicial evidence collection and risk is carried out to the network crime as a result, can be applicable in large-scale online network
In repair process.
The present invention finds Risk of Communication source by suspect's search strategy of criminal investigation, and previous algorithm is dfficult to apply to
Large scale network applies the algorithm of forefathers in live network, and complexity, accuracy and its time loss will be difficult to bear.Cause
This, this process for finding Risk of Communication source is divided into two subprocess by the present invention: being reduced search for by back propagation first
Secondly range finds real risk source in the range after diminution.
Specifically, back propagation will monitor vertex ticks, mark then is sent from monitoring node broadcasts (flooding is propagated)
The risk of note.The logic of the method is: sending if can receive all monitoring nodes simultaneously there are node in network topology
Label risk, then these nodes are likely to be Risk of Communication source.This algorithm pays the utmost attention to accuracy, then considers operation
Efficiency.Due to the screening Jing Guo previous step, the fraction network user is only existed in the set of potential risks source.Pole is used later
The microcosmic propagation model test potential risks source set of maximum-likelihood estimation technique combination risk, further to position Risk of Communication
Source.The principle of this step is: testing each potential risks source as propagating source, propagates certain time with microcosmic propagation model
After a possibility that capable of obtaining current network state.Each potential risks source is substituted into propagation formula respectively and calculates current net
The likelihood function of network shape probability of state, then the potential risks source that can obtain maximum likelihood value are most likely to be the true source of infection
Head.
The technical solution adopted by the present invention to solve the technical problems is:
A kind of network risks source retroactive method based on backpropagation, comprising:
It will be ready monitored user setting in network for monitoring node and be monitored;
Network risks communication events occur after a certain period of time, to mark all infected monitoring nodes, according to monitoring node quilt
The infection time difference risk that Flooding broadcast marks in extracted network topology from infected monitoring node, statistics network
The node of all label risks can be received in topology simultaneously and the node is added in the set of potential risks source;
Based on the dynamic of potential risks source set and network node condition conversion during Risk of Communication, net is established
The microcosmic propagation model of network risk;The state includes health, Infection Status and is infected and has infectivity;
Based on the microcosmic propagation model, wind is positioned from the set of the potential risks source using Maximum Likelihood Estimation Method
Dangerous source.
Preferably, described to be ready monitored user setting in network for monitoring node and be monitored, monitoring information
Include:
Whether monitoring node receives risk of infection;
If monitoring node receives risk of infection, the monitoring information further include: the monitoring infected absolute time of node
Between.
Preferably, the monitoring node infected time difference is indicated with following formula:
di=max (T)-τi
Wherein, i indicates that i-th of infected monitoring node, i ∈ [1, n], n indicate the sum of infected monitoring node;
T={ τ1, τ2...τnIndicate the monitoring infected absolute time of node.
Preferably, according to monitoring node be infected the time difference from infected monitoring node in extracted network topology
The risk of Flooding broadcast label can receive the nodes of all label risks in statistics network topology and by the node simultaneously
It is added in the set of potential risks source, comprising:
The infected time difference of infected monitoring node arrives, and infected monitoring node is sent to its all adjacent node
By the risk copy of vertex ticks;
After any node in network topology receives the risk copy of infected monitoring vertex ticks for the first time, broadcast should
Risk copy is to its all adjacent node;
If any node in network topology has received the risk copy of all infected monitoring vertex ticks simultaneously,
Then the node is added in the set of potential risks source.
Preferably, it is described based on potential risks source set and network node during Risk of Communication condition conversion it is dynamic
State property, the microcosmic propagation model for establishing network risks include:
Following iterative formula is established to indicate the propagation of risk:
PS(i, t;U)=[1-v (i, t)] PS(i, t-1;u)
PI(i, t;U)=v (i, t) PS(i, t-1;u)+PI(i, t-1;u)
Pc(i, t;U)=v (i, t) PS(i, t-1;u)
Wherein, PS(i, t;u),PI(i, t;u),Pc(i, t;U) network risks are respectively indicated to open from potential propagating source u ∈ U
Beginning, propagates S, I and C-shaped probability of state after the t time, U indicates potential risks source set, and S represents health, and I represents Infection Status,
C indicates infected and has infectivity;V (i, t) indicates the infected probability of t moment node, ηij∈ [0,1] is any in network
The history probability of spreading of two nodes, ηijIndicate that there is no connection, η between node i, j when=0ij=1 expression node i will receive
Any information be all transmitted to node j;NiIndicate the set of the adjacent node of node i.
Preferably, described to be based on the microcosmic propagation model, using Maximum Likelihood Estimation Method from the potential risks source
Risk source is positioned in set, comprising:
The likelihood function L (u, t) of potential propagating source u is calculated using following formula:
Wherein, SIIndicate infected monitoring node set, SHIndicate not infected monitoring node set, tiIt is to be felt
Contaminate the infected absolute time of node;
The possibility predication of communication events is obtained using following formula
Wherein SI, SHS in ∈ S indicates all monitoring node sets;
Likelihood function is taken to u when maximum using following formulafAnd tfWhen respectively as Risk of Communication source and Risk of Communication
Between estimated value:
The invention has the following beneficial effects:
1, precision is high: by some reality catenet US.Power Grid, Facebook, AS-level
100 experiments of tracing to the source are carried out on Internet respectively.Wherein, 80% or so essence can be reached on US.Power Grid network
True rate, in addition 20% position error arrives 3hops 1.And the method for the present invention can on Facebook and AS-Internet
100% ground navigates to risk source, is significantly better than current network risks and traces to the source algorithm.
2, a variety of different network architectures are adapted to, such as there is the Facebook of small world and there are Power Laws
AS-level Internet network etc..
3, calculation amount is small: back-propagation algorithm greatly reduces source search range, computationally intensive compared to traditional algorithm
It is big to reduce.
Invention is further described in detail with reference to the accompanying drawings and embodiments, but one kind of the invention is based on reversed pass
The network risks source retroactive method broadcast is not limited to the embodiment.
Detailed description of the invention
Fig. 1 is the main flow chart of the method for the present invention;
Fig. 2 is the schematic diagram that back propagation of the invention reduces searching method;
Fig. 3 is the condition conversion figure of network individual of the invention during Risk of Communication;
Fig. 4 is trace to the source experimental result picture of the method for the present invention on three kinds of real networks.
Specific embodiment
Referring to Fig. 1, a kind of network risks source retroactive method based on backpropagation includes the following steps:
Step 101, it will be ready monitored user setting in network for monitoring node and be monitored;
Step 102, network risks communication events occur after a certain period of time, all infected monitoring nodes to be marked, according to prison
The risk that node is infected time difference Flooding broadcast label in extracted network topology from infected monitoring node is controlled,
The node of all label risks can be received in statistics network topology simultaneously and the node is added to potential risks source collection
In conjunction;
Step 103, the dynamic based on potential risks source set and network node condition conversion during Risk of Communication
Property, establish the microcosmic propagation model of network risks;The state includes health, Infection Status and is infected and has infectivity;
Step 104, it is based on the microcosmic propagation model, is gathered using Maximum Likelihood Estimation Method from the potential risks source
Middle positioning risk source.
It will be described in detail the network risks source retroactive method based on backpropagation as follows.
It is a certain proportion of in monitoring network to be ready that monitored user, safety manager extract its various shape at any time
Whether state information, the status information including but not limited to receive risk of infection and its corresponding infected absolute time
Between.
Further, when network risks communication events have occurred after a certain period of time, safety manager saves all monitoring
Point label, it is then big vast in extracted network topology from infected monitoring node according to the infected time difference of monitoring node
The risk of general formula broadcast flag.The user that all label risks can be received in network topology simultaneously is potential risk resource,
It adds it in the set of potential risks source.
The collection potential risk resource pseudocode of above-mentioned steps is as follows:
In above-mentioned pseudocode, di=max (T)-τi, (i ∈ [1, n]), n indicates the sum of infected monitoring user, and i is
Variable in section [1, n], for indicating i-th of user.And T={ τ1, τ2...τn(n=| SI|) indicate infected user's quilt
The absolute time of infection.tmaxIndicate the wheel number of backpropagation, and tmax> max (di)。
In the present embodiment, it is illustrated in figure 2 the schematic diagram that back propagation reduces searching method, wherein figure (a) indicates base
This network topology structure, figure (b) indicate Risk of Communication event, and figure (c) indicates backpropagation event.By anti-in figure (c)
Send the risk of label according to the time difference of infection from infected monitoring node to diffusion method.Such as Fig. 2, according to infected section
The absolute time difference of infection of point is classified, be divided into tetra- class of A, B, C, D (have larger class in actual conditions, in figure only with
For four classes).Assuming that T={ τ1, τ2...τn(n=| SI|) indicate the infected infected absolute time of user, then when infecting
Between difference di=max (T)-τi, (i ∈ [1, n]).By di=0,1,2,3 node is respectively labeled as D, C, B, A class node.It is reversed to pass
Sowing time A class node is first broadcasted, B class node broadcasts after the unit time, and so on.All label risks are received in network simultaneously
Node be then potential risk source node.After backpropagation, lesser potential risk resource set is obtained, and risk source is first fixed
In this set.
Further, the microcosmic propagation model of network risks is established.In the microcosmic propagation model of risk, it is of interest that network
Dynamic of the individual consumer in the condition conversion of Risk of Communication process.Following four iterative formula is provided as follows to indicate risk
It propagates:
PS(i, t;U)=[1-v (i, t)] PS(i, t-1;u) (1)
PI(i, t;U)=v (i, t) PS(i, t-1;u)+PI(i, t-1;u) (2)
Pc(i, t;U)=v (i, t) PS(i, t-1;u) (4)
Wherein, S represents health, and I is represented Infection Status (not having infectivity), and C indicates that node is infected and has infection
Property.(such as Fig. 3 indicates condition conversion figure of network individual during Risk of Communication, similar with reality, does not consider risk
Superinfection.User only can propagate risk in infected next round, then lose infectivity, become I state, I state will not
Retransmit risk.).Formula (1), (2), the P in (4)S(i, t;u),PI(i, t;u),Pc(i, t;U) network risks are respectively indicated
It is S, I and C-shaped probability of state after the propagation t time since propagating source u ∈ U.ηij∈ [0,1] is that any two are used in network
The history probability of spreading at family.Work as ηijIndicate that there is no connection, η between node i, j when=0ij=1 indicates that user i is received newly in every case
Information all will be forwarded to user j.V (i, t) indicates the infected probability of t moment individual and its all topological neighbours (NiIt indicates
The neighbor user set of user i) Pc(i, t;U) related.
Further, the potential risk resource set based on confirmation, using Maximum Likelihood Estimation Method come from potential risk resource collection
Real risk source, i.e. positioning risk source are confirmed in conjunction.Specific method can be obtained by following three formula:
Wherein, SIIt is infected monitoring user set, SHIt is not infected monitoring user set, tiIt is infected use
The infected absolute time in family.All potential risks source u ∈ U utilization (5) formula is calculated into its likelihood function L (u, t) first.Cause
Repeatedly risky copy may be received simultaneously in different moments for each potential risks source, thus by (6) formula come
Obtain the possibility predication in propagation timeIt is solved finally by (7) formula, likelihood function is taken to u when maximumfAnd tfPoint
Estimated value not as Risk of Communication source and Risk of Communication time.
Specifically, dividing on some reality catenet US.Power Grid, Facebook, AS-level Internet
Carry out not trace to the source for 100 times experiment, the experimental result picture of tracing to the source being illustrated in figure 4 on above-mentioned three kinds real networks, and δ is quilt in figure
Monitoring user accounts for the ratio of the total user of network.Wherein, can averagely reach on US.Power Grid network 80% or so it is accurate
Rate, in addition 20% position error arrives 3hops 1.And the method for the present invention can on Facebook and AS-Internet
100% ground navigates to risk source, is significantly better than current network risks and traces to the source algorithm.
The foregoing is merely presently preferred embodiments of the present invention, is not intended to limit the invention, it is all in spirit of the invention and
Within principle, any modification, equivalent replacement, improvement and so on be should all be included in the protection scope of the present invention.
Claims (2)
1. a kind of network risks source retroactive method based on backpropagation, it is characterized in that, comprising:
It will be ready monitored user setting in network for monitoring node and be monitored;
All infected monitoring nodes are marked, are infected the time difference from infected monitoring node to having extracted according to monitoring node
Network topology on Flooding broadcast label risk, statistics network topology in can receive simultaneously it is all label risks nodes
And the node is added in the set of potential risks source;
Based on the dynamic of potential risks source set and network node condition conversion during Risk of Communication, network wind is established
The microcosmic propagation model of danger;The state includes health, Infection Status and is infected and has infectivity;
Based on the microcosmic propagation model, risk source is positioned from the set of the potential risks source using Maximum Likelihood Estimation Method
Head;
Wherein, described to be ready monitored user setting in network for monitoring node and be monitored, monitoring information includes:
Whether monitoring node receives risk of infection;
If monitoring node receives risk of infection, the monitoring information further include: the monitoring infected absolute time of node;
The monitoring node infected time difference is indicated with following formula:
di=max (T)-τi
Wherein, i indicates that i-th of infected monitoring node, i ∈ [1, n], n indicate the sum of infected monitoring node;T=
{τ1, τ2...τnIndicate the monitoring infected absolute time of node;
Time difference Flooding broadcast in extracted network topology from infected monitoring node is infected according to monitoring node
The risk of label, statistics network topology in can receive simultaneously it is all label risks nodes and the node is added to potential
Risk source set in, comprising:
The infected time difference of infected monitoring node arrives, and infected monitoring node is saved to its all adjacent node transmission
The risk copy of point label;
After any node in network topology receives the risk copy of infected monitoring vertex ticks for the first time, the risk is broadcasted
Copy is to its all adjacent node;
If any node in network topology has received the risk copy of all infected monitoring vertex ticks simultaneously,
The node is added in the set of potential risks source;
The dynamic based on potential risks source set and network node condition conversion during Risk of Communication, establishes net
The microcosmic propagation model of network risk includes:
Following iterative formula is established to indicate the propagation of risk:
PS(i, t;U)=[1-v (i, t)] PS(i, t-1;u)
PI(i, t;U)=v (i, t) PS(i, t-1;u)+PI(i, t-1;u)
Pc(i, t;U)=v (i, t) PS(i, t-1;u)
Wherein, PS(i, t;u),PI(i, t;u),Pc(i, t;U) network risks are respectively indicated since potential propagating source u ∈ U, are passed
S, I and C-shaped probability of state after the t time are broadcast, U indicates potential risks source set, and S represents health, and I represents Infection Status, C expression
It is infected and there is infectivity;V (i, t) indicates the infected probability of t moment node, ηij∈ [0,1] is any two in network
The history probability of spreading of node, ηijIndicate that there is no connection, η between node i, j when=0ij=1 expression node i is appointed what is received
What information is all transmitted to node j;NiIndicate the set of the adjacent node of node i.
2. the network risks source retroactive method according to claim 1 based on backpropagation, which is characterized in that the base
In the microcosmic propagation model, risk source, packet are positioned from the set of the potential risks source using Maximum Likelihood Estimation Method
It includes:
The likelihood function L (u, t) of potential propagating source u is calculated using following formula:
Wherein, SIIndicate infected monitoring node set, SHIndicate not infected monitoring node set, tiIt is infected section
The infected absolute time of point;
The possibility predication of communication events is obtained using following formula
Wherein SI, SHS in ∈ S indicates all monitoring node sets;
Likelihood function is taken to u when maximum using following formulafAnd tfRespectively as Risk of Communication source and Risk of Communication time
Estimated value:
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610482278.6A CN105915399B (en) | 2016-06-27 | 2016-06-27 | A kind of network risks source retroactive method based on backpropagation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610482278.6A CN105915399B (en) | 2016-06-27 | 2016-06-27 | A kind of network risks source retroactive method based on backpropagation |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105915399A CN105915399A (en) | 2016-08-31 |
| CN105915399B true CN105915399B (en) | 2019-02-26 |
Family
ID=56759754
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610482278.6A Active CN105915399B (en) | 2016-06-27 | 2016-06-27 | A kind of network risks source retroactive method based on backpropagation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105915399B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106411904B (en) * | 2016-10-10 | 2019-05-03 | 华侨大学 | A kind of network risks control method based on microstate prediction |
| CN106557985B (en) * | 2016-11-21 | 2020-03-24 | 云南大学 | Social network information propagation source solving method based on random walk |
| CN111695760B (en) * | 2020-04-23 | 2023-04-07 | 优渊领智科技(武汉)有限公司 | Production quality risk recording and tracing method and system |
| CN113222774B (en) * | 2021-04-19 | 2023-05-23 | 浙江大学 | Social network seed user selection method and device, electronic equipment and storage medium |
| CN113553541B (en) * | 2021-06-04 | 2023-10-13 | 扬州大学 | Independent path analysis-based source positioning method under independent cascade model |
| CN114693464B (en) * | 2022-03-08 | 2023-04-07 | 电子科技大学 | Self-adaptive information propagation source detection method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103347279A (en) * | 2013-07-11 | 2013-10-09 | 清华大学 | Transmitting method and transmitting system based on risk assessment |
| CN104361231A (en) * | 2014-11-11 | 2015-02-18 | 电子科技大学 | Method for controlling rumor propagation in complicated network |
| CN104579815A (en) * | 2014-09-15 | 2015-04-29 | 南京航空航天大学 | Probability model checking method for network protection strategy |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2006132987A1 (en) * | 2005-06-03 | 2006-12-14 | Board Of Trustees Of Michigan State University | Worm propagation modeling in a mobile ad-hoc network |
-
2016
- 2016-06-27 CN CN201610482278.6A patent/CN105915399B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103347279A (en) * | 2013-07-11 | 2013-10-09 | 清华大学 | Transmitting method and transmitting system based on risk assessment |
| CN104579815A (en) * | 2014-09-15 | 2015-04-29 | 南京航空航天大学 | Probability model checking method for network protection strategy |
| CN104361231A (en) * | 2014-11-11 | 2015-02-18 | 电子科技大学 | Method for controlling rumor propagation in complicated network |
Non-Patent Citations (2)
| Title |
|---|
| Locating the Source of Diffusion in Large-Scale Networks;Pedro C. Pinto等;《Physical Review Letters》;20120831;全文 |
| 面向社交网络信息源定位的观察点部署方法;张聿博等;《软件学报》;20141231;第25卷(第12期);全文 |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105915399A (en) | 2016-08-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105915399B (en) | A kind of network risks source retroactive method based on backpropagation | |
| Wang et al. | The evolution of the Internet of Things (IoT) over the past 20 years | |
| Jiang et al. | Identifying propagation sources in networks: State-of-the-art and comparative studies | |
| US20210352090A1 (en) | Network security monitoring method, network security monitoring device, and system | |
| Cui et al. | SD-Anti-DDoS: Fast and efficient DDoS defense in software-defined networks | |
| CN102571484B (en) | Method for detecting and finding online water army | |
| Le et al. | Traffic dispersion graph based anomaly detection | |
| CN106411904B (en) | A kind of network risks control method based on microstate prediction | |
| CN109218304B (en) | Network risk blocking method based on attack graph and co-evolution | |
| CN102035698A (en) | HTTP tunnel detection method based on decision tree classification algorithm | |
| CN108600009A (en) | A kind of network alarm root localization method based on alarm data analysis | |
| Hu et al. | Attack scenario reconstruction approach using attack graph and alert data mining | |
| CN106789333B (en) | A kind of complex network propagating source independent positioning method based on time layering | |
| Wang et al. | Botnet detection using social graph analysis | |
| CN116527362A (en) | Data protection method based on LayerCFL intrusion detection | |
| Zhang et al. | K-coverage: A monitor node selection algorithm for diffusion source localizations | |
| CN112235254B (en) | Rapid identification method for Tor network bridge in high-speed backbone network | |
| Alani et al. | A two-stage cyber attack detection and classification system for smart grids | |
| Affinito et al. | Spark-based port and net scan detection | |
| CN202424749U (en) | Intranet flow control system | |
| Li et al. | Web application-layer DDOS attack detection based on generalized Jaccard similarity and information entropy | |
| Shao et al. | Distributed immune time-delay SEIR-S model for new power system information network virus propagation | |
| CN103118362B (en) | Wormhole topology identification method based on multidimensional scale change | |
| CN111224942B (en) | Malicious software propagation control method and device based on ternary association diagram detection | |
| Huabing et al. | Real-time detection method for mobile network traffic anomalies considering user behavior security monitoring |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |