[1] 刘正. 浅析网络数据通信中的隐蔽通道技术[J]. 数字技术与应用, 2017(5):45.
[2] 王靖云,史建焘,张兆心,等. 基于相对密度的DNS请求数据流源IP异常检测算法[J]. 高技术通讯, 2016(10):849-856.
[3] 罗友强,刘胜利,颜猛,等. 基于通信行为分析的DNS隧道木马检测方法[J]. 浙江大学学报(工学版), 2017,51(9):1780-1787.
[4] YU B, SMITH L, THREEFOOT M. Behavior Analysis Based DNS Tunneling Detection and Classification Framework for Network Security[EB/OL]. (2016-10-06)[2019-01-19]. http://www.freepatentsonline.com/y2016/0294773.html.
[5] BORN K, GUSTAFSON D. Detecting DNS Tunnels Using Character Frequency Analysis[EB/OL]. [2019-01-19]. https://arxiv.org/ftp/arxiv/papers/1004/1004.4358.pdf.
[6] 章思宇,邹福泰,王鲁华. 基于DNS的隐蔽通道流量检测[J]. 通信学报, 2013(5):143-151.
[7] ENGELSTAD P, FENG B, DOV T. Detection of DNS tunneling in mobile networks using machine learning[C]// International Conference on Information Science and Applications. 2017:221-230.
[8] AIELLO M, MONGELLI M, CAMBIASO E, et al. Profiling DNS tunneling attacks with PCA and mutual information[J]. Logic Journal of the IGPL, 2016,24(6):957-970.
[9] 单康康,郭晔,陈文智,等. 基于混合分类算法模型的DNS隧道检测[J]. 通信学报, 2018,39(S1):53-57.
[10]DAVIS J J, FOO E. Automated feature engineering for HTTP tunnel detection[J]. Computers & Security, 2016,59(C):166-185.
[11]兰景宏,刘胜利,李晔. 一种基于多层联合分析的HTTP隧道木马检测方法[J]. 计算机应用研究, 2016,33(1):240-244.
[12]胡洋瑞,陈兴蜀,王俊峰,等. 基于流量行为特征的异常流量检测[J]. 信息网络安全, 2016(11):45-51.
[13]杨旭. 基于行为分析的网络异常流量分类和检测技术研究[D]. 银川:宁夏大学, 2016.
[14]周颖杰. 基于行为分析的通信网络流量异常检测与关联分析[D]. 成都:电子科技大学, 2013.
[15]王宏. 基于行为分析的通信网络流量异常检测与关联分析[J]. 通讯世界, 2015(4):90.
[16]王泰格,杨翌,邵玉如. HTTP隧道木马原理分析及检测方法研究[J]. 软件导刊, 2012,11(9):152-153.
[17]LI S Z, YUN X C, ZHANG Y Z, et al. Anomaly-based model for detecting HTTP-tunnel traffic using network behavior analysis[J]. High Technology Letters, 2014,20(1):63-69.
[18]丁要军,刘小豫. 基于决策树分类的HTTP隧道检测方法[J]. 咸阳师范学院学报, 2011,26(2):49-53.
[19]DING Y J, CAI W D. A method for HTTP-tunnel detection based on statistical features of traffic[C]// 2011 IEEE 3rd International Conference on Communication Software and Networks. 2011:247-250.
[20]王宜菲,杨亚磊,饶孟良. 基于C4.5的HTTP隧道检测技术研究[J]. 计算机工程与设计, 2012,33(2):493-497.
[21]孙海涛,刘胜利,陈嘉勇. 基于操作行为的隧道木马检测方法[J]. 计算机工程, 2011,37(20):123-126.
[22]RAO M L, CAI W D, DING Y J. Research on HTTP tunnel detection technique based on SVM[J]. Computer Engineering, 2011,37(13):141-143.
[23]KANTER J M, VEERAMACHANENI K. Deep feature synthesis: Towards automating data science endeavors[C]// 2015 IEEE International Conference on Data Science and Advanced Analytics. 2015:1-10.
[24]NASR M, HOUMANSADR A, MAZUMDARA. Compressive traffic analysis: A new paradigm for scalable traffic analysis[C]// Proceedings of 2017 ACM SIGSAC Conference on Computer and Communications Security. 2017:2053-2069. |