DDoS攻击的检测及网络安全可视化研究
|
摘要
网络安全可视化是近年来国外研究的热点领域。与传统的分析日志数据方法不同,可视化技术带来网络安全研究方法的变革。它不仅能有效处理海量数据信息,而且通过对图形图像模式的分析帮助网络管理人员快速识别潜在的攻击和异常事件,甚至发现新的攻击类型和对安全事件做出预测。本文主要针对DDoS攻击的网络安全可视化问题进行了深入研究。
针对利用小波分析法求解Hurst参数值检测DDoS攻击,求得参数值不够精确,易造成漏报、误报,加上运用小波分析法需要的样本容量较大,计算过程缓慢,不能准确快速地识别弱DDoS攻击等特点,本文提出了一种改进的小波分析法的DDoS检测技术。根据主成分分析法将网络数据进行维数约减,然后利用小波分析法对降维后的数据求解自相似参数Hurst;提出了针对大规模网络数据维数约减的改进的主成分分析法。新算法大大提高了检测速度,能准确地求解Husrt参数值。通过数值、图形等方式给出了实验结果,从多角度说明了新算法的有效性。
结合信息可视化流水线,本文研究了DDoS攻击可视化检测系统应采用的数据源、选取的可视化结构和应具备的交互功能,分析了国外现有有关DDoS攻击的网络安全可视化技术的优缺点,提出了一种新型DDoS攻击检测技术。从DDoS攻击形成的前期特征入手,通过对网络数据进行提取分析和统计,对数据按照一定的算法原则进行图形元素的属性计算并显示。最后设计并实现了专门针对DDoS攻击的显示工具DDoSViewer,实验证明新系统具有好的显示、交互等功能,能有效检测DDoS攻击。
目前基于端口扫描的网络安全可视化技术常常以时间作为最重要参数指标,往往只能检测那些较快速地扫描行为,对强动态性、强随机性和强隐蔽性的与端口有关的安全事件如DDoS、蠕虫病毒、木马等效果并不好。为此,本文提出一种针对慢扫描、隐蔽扫描的网络安全信息可视化方法,通过分析处理网络数据包,运用信息可视化技术设计并开发了可视化端口扫描检测系统ScanViewer,该系统能从大量模糊数据信息中发现攻击模式,能有效检测到慢扫描、分布式扫描和各类TCP隐蔽扫描等。
Network security visualization has become a hot research field in recent years. Unlike the traditional methods of analyzing log data, visualization technology can change the research methods of network security greatly. It can not only deal with large volume of data effectively, but also help network administrators detect anomalies by analyzing patterns in the graphs, even can discover new types of attacks and forecast the trend of events.
Tough some researchers proposed that we can solve the self-similarity parameter of network traffic by use of wavelet analysis, the value is imprecise. The volume of training data used in solving the self-similarity parameter is very large. This makes the whole process very slow, and the method can not detect the weak DDoS attack timely. So an improved DDoS detection algorithm based on wavelet analysis is proposed in this paper. Principal component analysis method is used to reduce the dimension of network data firstly. The new data with low dimension can be used for solving the self-similarity parameter. An improved principal component analysis algorithm for dimension reduction of large amounts of data is proposed in this paper too. The algorithm increases the speed of detection greatly. From the numerical and graphic results we can see the new algorithms are very effective.
According to information visualization process, the data sources, visual structures and interactive functions in visualization techniques especially for DDoS detection are studied in this paper. The advantages and disadvantages of existing network security visualization techniques for DDoS detection are analyzed too. The early characteristics of DDoS attacks are studied and a novel visualization technique for DDoS detection named DDoSviewer is proposed in the paper. The extraction and analysis of network data, the calculation and display of graphic elements’attribute are included in the new visualization technique. The results show that the new system can detect DDoS attacks effectively.
Time is always used as the most important parameter in the current network security visualization techniques on port scan.This makes the slow scan, the dynamic or random scan, concealed scan and spoofed scan hard to detect, and the detection results of the related security anomalies such as DDoS, worms, Trojans etc are bad too. Therefore, a novel network security visualization method for slow scan, concealed scan etc is proposed in this paper. Through analysis of the network data packets and information visualization techniques, a new visual system for port scan detection named ScanViewer is designed in the paper. Many interactive fuctions are developed in the new system too.The results show that the attack patterns can be easily found from large amount of fuzzy data, and slow scan, distributed scan and various types of TCP concealed scans can be effectively detected from the ScanViewer.
针对利用小波分析法求解Hurst参数值检测DDoS攻击,求得参数值不够精确,易造成漏报、误报,加上运用小波分析法需要的样本容量较大,计算过程缓慢,不能准确快速地识别弱DDoS攻击等特点,本文提出了一种改进的小波分析法的DDoS检测技术。根据主成分分析法将网络数据进行维数约减,然后利用小波分析法对降维后的数据求解自相似参数Hurst;提出了针对大规模网络数据维数约减的改进的主成分分析法。新算法大大提高了检测速度,能准确地求解Husrt参数值。通过数值、图形等方式给出了实验结果,从多角度说明了新算法的有效性。
结合信息可视化流水线,本文研究了DDoS攻击可视化检测系统应采用的数据源、选取的可视化结构和应具备的交互功能,分析了国外现有有关DDoS攻击的网络安全可视化技术的优缺点,提出了一种新型DDoS攻击检测技术。从DDoS攻击形成的前期特征入手,通过对网络数据进行提取分析和统计,对数据按照一定的算法原则进行图形元素的属性计算并显示。最后设计并实现了专门针对DDoS攻击的显示工具DDoSViewer,实验证明新系统具有好的显示、交互等功能,能有效检测DDoS攻击。
目前基于端口扫描的网络安全可视化技术常常以时间作为最重要参数指标,往往只能检测那些较快速地扫描行为,对强动态性、强随机性和强隐蔽性的与端口有关的安全事件如DDoS、蠕虫病毒、木马等效果并不好。为此,本文提出一种针对慢扫描、隐蔽扫描的网络安全信息可视化方法,通过分析处理网络数据包,运用信息可视化技术设计并开发了可视化端口扫描检测系统ScanViewer,该系统能从大量模糊数据信息中发现攻击模式,能有效检测到慢扫描、分布式扫描和各类TCP隐蔽扫描等。
Network security visualization has become a hot research field in recent years. Unlike the traditional methods of analyzing log data, visualization technology can change the research methods of network security greatly. It can not only deal with large volume of data effectively, but also help network administrators detect anomalies by analyzing patterns in the graphs, even can discover new types of attacks and forecast the trend of events.
Tough some researchers proposed that we can solve the self-similarity parameter of network traffic by use of wavelet analysis, the value is imprecise. The volume of training data used in solving the self-similarity parameter is very large. This makes the whole process very slow, and the method can not detect the weak DDoS attack timely. So an improved DDoS detection algorithm based on wavelet analysis is proposed in this paper. Principal component analysis method is used to reduce the dimension of network data firstly. The new data with low dimension can be used for solving the self-similarity parameter. An improved principal component analysis algorithm for dimension reduction of large amounts of data is proposed in this paper too. The algorithm increases the speed of detection greatly. From the numerical and graphic results we can see the new algorithms are very effective.
According to information visualization process, the data sources, visual structures and interactive functions in visualization techniques especially for DDoS detection are studied in this paper. The advantages and disadvantages of existing network security visualization techniques for DDoS detection are analyzed too. The early characteristics of DDoS attacks are studied and a novel visualization technique for DDoS detection named DDoSviewer is proposed in the paper. The extraction and analysis of network data, the calculation and display of graphic elements’attribute are included in the new visualization technique. The results show that the new system can detect DDoS attacks effectively.
Time is always used as the most important parameter in the current network security visualization techniques on port scan.This makes the slow scan, the dynamic or random scan, concealed scan and spoofed scan hard to detect, and the detection results of the related security anomalies such as DDoS, worms, Trojans etc are bad too. Therefore, a novel network security visualization method for slow scan, concealed scan etc is proposed in this paper. Through analysis of the network data packets and information visualization techniques, a new visual system for port scan detection named ScanViewer is designed in the paper. Many interactive fuctions are developed in the new system too.The results show that the attack patterns can be easily found from large amount of fuzzy data, and slow scan, distributed scan and various types of TCP concealed scans can be effectively detected from the ScanViewer.
引文
[1] Kasemsri, R.R., A Survey, Taxonomy, and Analysis of Network Security Visualization Techniques. [Master thesis], 2005, Georgia State University.
[2] Stuart K. Card, Jock D. Mackinlay and Ben Shneiderman, Readings in information visualization: using vision to think. 1999: Morgan Kaufmann Publishers.
[3] Richard A.Becker, S.G.E., and Allan R.Wilks, Visualizing network data. IEEE Transactions on Visualization and Computer Graphics, 1995. 1(1): 16~28
[4] Shombert, S.C.F.a.L.A. Network Profiling and Data Visualization. in 2000 IEEE Workshop on Information Assurance and Security. 2000. United States Military Academy,West Point, NY.
[5] Luc Girardin, An eye on network intruder administrator shootouts. Proceedings of the Workshop on Intrusion Detection and Network Monitoring(ID’99, 1999 19~28
[6] Brodbeck, L.G.a.D., A visual approach for monitoring logs. Proceedings of the 12th Usenix System Administration Conference, 1998: 299~308.
[7] Frincke, R.F.E.a.D., Visualization in Detection of Intrusions and Misuse in Large-Scale Networks. Proceedings of Information Visualization 2000,IEEE CS Press,Los Alamitos.Calif., 2000: 294~299.
[8] Erbacher, R.F., Visual behaviour characterization for intrusion detection in large scale systems. Proceedings of the LASTED International Conference on Visualization,Imaging, and Image Processing, 2001: 54~59.
[9] Ball. R., G.F., C. North, Home-Centric Visualization of Network Traffic for Security Administration. Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security Washington, DC, USA, ACM Press, 2004: 55~64
[10] Colombe. J., G.S., Statistical Profiling and Visualization for Detection of Malicious Insider Attacks on Computer Networks. Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, 2004:138~142.
[11] S. T. Teoh, K.M., et al, A Visual Technique for Internet Anomaly Detection, in IASTED International Conference on Computer Graphics and Imaging,CGIM’02. 2002.
[12] Jonathan McPherson, K.-L.M., Paul Krystosk, Tony Bartoletti,and Marvin Christensen, Portvis: a tool for port-based detection of security events.Visualization and Data Mining for Computer Security, 2004:73~81.
[13] Atkison, K.P., C. Nocholas, D. Ebert, R. Atkison, C. Morris Case Study: Visualization and Information Retrieval Techniques for Network Intrusion Detection, in IEEE TCCG Symposium on Visualization (VisSym 2001). 2001, IEEE.
[14] Erbacher R. F., Z.T., S. Pandit Multi-Node Monitoring and Intrusion Detection, in Proceedings of the IASTED International Conference on Visualization, Imaging, and Image Processing. 2002: Malaga, Spain:720~725.
[15] Hideki Koike, K.O., SnortView: Visualization System of Snort Logs. Visualization and Data Mining for Computer Security, 2004:143~147.
[16] Axelsson, S., Visualisation for Intrusion Detection: Hooking the Worm, in Proceedings of the 8th European Symposium on Research in Computer Security (ESORICS 2003). 2003, Springer-Verlag: Gjovik, Norway:13~15.
[17] Conti,G.. K.A., Passive Visual Fingerprinting of Network Attack Tools, in the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. 2004, ACM Press: Washington, DC, USA:45~54.
[18] X.Yin, W.Y., M.Treaster, Y.Li, and K.Lakkaraju, VisFlowConnection: netflow visualizations of link relationships for security situational awareness, in Visualization and Data Mining for Computer Security(VizSEC/DMSEC). 2004:26~34.
[19] Labib.K.,R.V., NSOM: A Real-Time Network-Based Intrusion Detection System Using Self-Organizing Maps, in Networks and Security. Technical report, Dept. of Applied Science,University of California, Davis 2002.
[20] Yoo, I., Visualizing Windows Executable Viruses Using Self-Organizing Maps, in the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. 2004, ACM Press: Washington, DC, USA:82~89.
[21] Pilkington, B.I.a.N. High Level Internet Scale Traffic Visualization Using Hilbert Curve Mapping. in Proceedings of Workshop on Visualization for Computer Security,VizSEC 2007. 2007:147~158.
[22] Takada. T., H.K., MieLog: A Highly Interactive Visual Log Browser Using Information Visualization and Statistical Analysis, in the 16th Systems Administration Conference (LISA’02]. 2002: Philadelphia, PA, USENIX:133~144.
[23] Toelle. J, O.N., Supporting Intrusion Detection by Graph Clustering and Graph Drawing, in Third International Workshop on the Recent Advances in Intrusion Detection,Lecture Notes in Computer Science. 2000, Springer-Verlag: Toulouse, France.
[24] Axelsson, S., Visualising the Inner Workings of a Self Learning Classifier: Improving the Usability of Intrusion Detection Systems. Technical report2004:12, Department of Computing Science, Chalmers University of Technology, Goteborg, Sweden,2004.
[25] Axelsson, S., Visualising Intrusions: Watching the Webserver, in the 19th IFIP International Information Security Conference (SEC2004). 2004: Tolouse, France.:259~274.
[26] Erbacher.R.F., M.G. Fusion and Summarization of Behavior for Intrusion Detection Visualization. in the IASTED International Converence On Visualization,Imaging, and Image Processing. 2004. Marbella, Spain.
[27] Teoh.S.T., K.Z. Combining Visual and Automated Data Mining for Near-Real-Time Anomaly Detection and Analysis in BGP. in the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. 2004. Washington, DC, USA: ACM Press:35~44.
[28] Taylor.T., S.B., and J. McHugh, NetBytes Viewer: An Entity-Based NetFlow Visualization Utility for Identifying Intrusive Behavior. Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007, 2007: 101~114.
[29] Kiran Lakkaraju, W.Y., and Adam J.Lee. NVisionIP: netflow visualizations of system state for security situational awareness. in Visualization and Data Mining for Computer Security(VizSEC/DMSEC) 2004:65~72.
[30] Koike H., O.K., Koizumi K. Visualizing Cyber Attacks using IP Matrix. in Visualizaiton of Computer Security. VizSEC: Proceedings of the IEEE Workshop on Visualization for Computer Security, 2005: 91–98..
[31] J. Pearlman, P.R. Visualizing Network Security Events Using Compound Glyphs from a Service-Oriented Perspective. in Visualization for Computer Security. VizSEC 2007: Proceedings of the Workshop on Visualization for Computer Security, 2007:131~146.
[32] Goodall, J.R., Wayne G. Lutters, Penny Rheingans, and Anita Komlodi, Preserving the Big Picture: Visual Network Traffic Analysis with TNV. Proceedings of the Workshop on Visualization for Computer Security (VizSec), 2005: 47~54.
[33] Erbacher, R.F. Visual behaviour characterization for intrusion detection in large scale systems. in the LASTED International Conference on Visualization, Imaging, and Image Processing. 2001:54~59.
[34] North, G.A.F.a.C. Root Polar Layout of Internet Address Data for Security Administrtion. in VizSEC: Proceedings of the IEEE Workshop on Visualization for Computer Security. 2005:55~64.
[35] R. Bearavolu, K.L., W. Yurcik, H. Raje. A Visualization Tool for ituational Awareness of Tactical and Strategic Security Events on Large and Complex omputer Networks. in IEEE Military ommunications Conference (MILCOM 2003). 2003: IEEE.
[36] Lau, S., The spinning cube of potential doom. Communications of the ACM, 2004. 47(6):25-26.
[37] Scott. C., K.N., T.Capers,and J.Ladeji-Osias, Network intrusion visualization with niva ,an intrusion detection visual and haptic analyzer. Information Visualization, 2003. 2(2):82~94.
[38] Staniford, J.A.H.a.S. Viewing ids alerts: Lessons from snortsnarf. in 2001 ADRPA Information Survivability Conference and Exposition(DISCEX 2001). 2001:374~386.
[39] Pin Ren, Y.G., Zhichun Li, Yan Chen and Benjamin Watson. IDGraphs: Intrusion Detection and Analysis Using Histographs. in VizSEC: Proceedings of the IEEE Workshop on Visualization for Computer Security, 2005:39–46.
[40] Lee, C.P., Trost, J., Gibbs, N., Beyah, R. and Copeland, J.A. Visual Firewall: real-time network security monitor. in VizSEC: Proceedings of the IEEE Workshop on Visualization for Computer Security, 2005:129–136.
[41]凌军,曹阳,基于时态知识模型的网络入侵检测方法研究.计算机学报, 2003. 26(11): p. 7.
[42]苏璞睿,李德全,冯登国,基于基因规划的主机异常入侵检测模型.软件学报, 2003. 14(6): p. 7.
[43]饶鲜,董春曦,杨晓全,基于支持向量机的入侵检测系统.软件学报, 2003. 14(4): p. 9.
[44]任勋益,王汝传,王海艳,基于自相似检测DDoS攻击的小波分析方法.通信学报, 2006. 27(5): p. 6.
[45]唐泽圣,三维数据场可视化. 1999,北京:清华大学出版社.
[46]石教英、蔡文立,科学计算可视化算法与系统. 1996:科学出版社.
[47] Lau, S., The spinning cube of potential doom. Communications of the ACM, 2004. 47(6): 25~26.
[48] Erbacher, R.F. Visual behaviour characterization for intrusion detection in large scale systems. in the LASTED International Conference on Visualization, Imaging, and Image Processing. 2001:54~59.
[49] Komlodi. A., J.R.G.a.W.G.L. An Information Visualization Framework for Intrusion Detection. in ACM CHI Extended Abstract. 2004.
[50] Fisk, M., Smith, S.A., Weber, P.M., Kothapally, S., Caudell, T.P, Immersive Network Monitoring. Proceedings of PAM2003 - Passive and Active Measurement 2003, 2003.
[51] http://www.vizsec.org/datasets/.
[52] Jolliffe, I., Principle Component Analysis. 1986, New York Spring-Verlag.
[53] James.M , L.J., Douglas Carrol,Paul E.Green,多元数据分析[英文版]. 2003,北京:机械工业出版社.
[54] V.Vapnik, The Nature of Statistical Learning Theory. 1999: Springer Verlag.
[55] Weinberger.K, P.B., and Saul. L. Nonlinear dimensionality reduction by semidefinite programming and kernel matrix factorization. in Proceedings of the Tenth International Workshop on Artificial Intelligence and Statistics (AISTAT 2005). 2005:381~388.
[56] Belkin M , N.P., Laplacian Eigenmaps for Dimensionality Reduction and Data Representation. Neural Computation, 2003. 15: 1373~1396.
[57] Belkin M, N.P., Semi-Supervised Learning on Riemannian Manifolds. Machine Learning, 2004. 56(1):209~239.
[58] Szummer M , J.T., Partially labeled classification with Markov random walks. Advances in Neural Information Processing Systems, 2002. 14: 945~952.
[59] PAbry,Flan drin P, M.S., Self Similar Network Traffic Analysis and Performance Evaluation. 2000, New York: John Wiley & Sons Press.
[60] Roweis S, S.L., and Hinton G, Global coordination of local linear models. Advances in Neural Information Processing Systems, 2002. 14(8): 889~896.
[61]王永强,基于子空间和流形的降维算法研究, [硕士学位论文]电子工程与信息科学. 2006,中国科技大学:合肥.
[62]张登银,任.王., R/S和小波分析法检测DDoS攻击的研究与比较.南京邮电大学学报, 2006. 26(6): 48~51.
[63]梁循,数据挖掘算法与应用,沈承凤著,2006,北京大学出版社:北京.
[64] Saul, S.R.L., Nonlinear Dimensionality Reduction by Locally Linear Embedding. Science, 2000. 290(5500): 2323~2326.
[65]余肖生,周.,高维数据降维方法研究.情报科学, 2007. 25(8): 1248~1251.
[66]冯艺东,汪.,董士海,信息可视化.工程图学学报,增刊, 2001: 324~329.
[67]刘戡,多维数据可视化研究. 2002,武汉大学:武汉.
[68] Furnas, G.W., Generalized fisheye views. Human Factors in Computing Systems CHI '86 Conference Proceedings, 1986:16~23.
[69] Stasko,www.cc.gatech.edu/classes/AY2001/cs7450_fall/Talks/12-tree2.ppt. CS 7450 Information Visualization, March 16, 2005
[70] Kulsoom Abdullah, C.L., Gregory Conti, John A.Copeland, John Stasko. . IDS RainStorm: Visualizing IDS Alarms. in IEEE Workshop on Visualization for Computer Security(VizSEC 05). 2005. Minneapolis,USA:1~10.
[71] Erwan Le Malecot, M.K., Yoshiaki Hori, Interactively combining 2D and 3D Visualization for Network Traffic Monitoring. Visualization for Computer Security, 2006: 123~127.
[72] Foresti. S., J.A., VisAlert:From Idea to Product. Proceedings of the Workshop on Visualization for Computer Security (VizSec),VizSEC 2007,2007: 159~174.
[73] Yarden Livnat, A., J. Moon, S et al, A Visualization Paradigm for Network Intrusion Detection. Proceedings from the Sixth Annual IEEE, 2005:92~99.
[74] Erbacher, R.F., Christensen,K,Sundberg, Designing Visualization Capabilities for IDS challenges. A Visualization for Computer Security, 2005: 121~127.
[75] Chris P. Lee, J.T., Nicholas Gibbs,Raheem Beyah,John A. Copeland. Visual Firewall: Real-time Network Security Monitor. in IEEE Workshop on Visualization for Computer Security 2005 (VizSEC 05) (IEEE Cat. No. 05EX1205). 2005:129~136.
[76] Christos Papadopoulos, C.K., Alexander Sawchuk,Xinming He. CyberSeer: 3D Audio-Visual Immersion for Network Security and Management. in the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. 2004. Washington, DC, USA: ACM Press:90~98.
[77] A. Hussain, J.H.a.C.P. A Framework for Classifying Denial of Service Attacks. in Sigcomm 2003. Karlsruhe, Germany. 2003:99~110.
[78] http://www.projects.ncassr.org/sift/.
[79] Pin Ren, J.K., Bruce.G, Visualizing DNS traffic. Proceedings of the 3rd international workshop on Visualization for computer security, 2006: 23~30.
[80] J. Stoll, D.M., M. Gregory, V. Crow, andW.K. Edwards, Adapting Personas for Use in Security Visualization Design. Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007, 2007:39~52.
[81]苏更殊,李., DDoS攻击的分析、检测与防范技术.计算机工程与设计, 2002. 23(11): 5~8.
[82]第文军,薛.,蒋士奇,运用网络流量自相似分析的网络流量异常检测.兵工自动化, 2003. 22(6): 28~31.
[83]孙钦东,张.,高鹏,基于时间序列分析的分布式拒绝服务攻击检测.计算机学报, 2005. 28(5): 768~773.
[84] LELAND W, T.M., WILLINGER W, On the self-similar nature of Ethemet trafic. IEE/ACM Trans on Networking[Extended Version], 1994. 2(2): 1~15.
[85]李弼程,罗建书,小波分析及其应用. 2003,北京:电子工业出版社.
[86] DAUBECHIESI, Ten Lectures on Wavelets. 1992, SIAM: Philadelphia.
[87]谭晓玲,基于小波变换的入侵检测方法.重庆三峡学院学报, 2005. 21(3): 28~30.
[88] Rawat, S.a., C.S,Sastry. Network intrusion detection using wavelet analysis. in 7th International Conference on Information Technology. 2004. Hyderabad, India: Springer.
[89] Paxson V, F.S., Wide area traffic:the failure of Poisson modeling. IEEE/ACM Trans. on Networking, 1995. 3(3):226~244.
[90] Abry P, V.D., Wavelet analysis of long range dependent traffic. IEEE Trans.on Information Theory, 1998. 44(1): 2~15.
[91] A.P.F.d.P.T.M.S., Self Similar Netw ork Traffic Analysis an d Perform ance Evaluation. 2000, New York: John Wiley & Sons Press.
[92]洪飞,吴志美,基于小波的Hurst指数自适应估计方法.软件学报, 2005. 16(9): 1685~1689.
[93]李永利,刘贵忠,王海军,自相似数据流的Hurst参数小波求解法分析.电子与信息学报, 2003. 25(1): 100~106.
[94]吕良福,戴华,孙济洲,求解大型对称特征值问题的改进的块Davidson方法.天津大学学报, 2007 40 (5): 559~562.
[95] Shneiderman, B., The Eyes Have It:A task by Data Type Taxonomy for Information Visualizations. Proceedings of the IEEE Workshop Visual Language '96, 1996:336~343.
[96]夏海涛,端口扫描的设计和实现, [硕士学位论文],计算机科学与技术. 2002,吉林大学:长春.
[97]刘戡,多维数据可视化研究, [博士学位论文],计算机科学与技术. 2002,武汉大学:武汉.
[98] http://www.prefuse.org/.
[99]王玲,计算机网络端口扫描检测与干绕系统的研究和实现. [硕士学位论文],2001,中国科学院计算机网络信息中心:北京.
[100] Williams.L., R. Lippmann, and K. Ingols, An Interactive Attack Graph Cascade and Reachability Display, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:221-236
[101] X. Suo, Y. Zhu, and G. Scott Owen, Measuring the Complexity of Computer Security Visualization Designs, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:53-66
[102] T.H. Yu, B.W. Fuller, J.H. Bannick, L.M. Rossey, and R.K. Cunningham, Integrated Environment Management for Information Operations Testbeds, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:67-83
[103] Muelder.C., L. Chen, R. Thomason, K.-L. Ma, and T. Bartoletti, Intelligent Classification and Visualization of Network Scans, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:237-253
[104] Goodall .J.R., Introduction to Visualization for Computer Security, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:1-17
[105] Taylor. T, S. Brooks, and J. McHugh, NetBytes Viewer: An Entity-Based NetFlow Visualization Utility for Identifying Intrusive Behavior, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:101-114
[106] Pike.W.A., C. Scherrer, S. Zabriskie, Putting Security in Context: Visual Correlation of Network Activity with Real-World Information. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:203-220
[107] Irwin.B., J.-P. van Riel, Using InetVis to Evaluate Snort and Bro Scan Detection on a Network Telescope. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:255-273
[108] Amico .A. D, K. Whitley, The Real Work of Computer Network Defense Analysts. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:19-37
[109] Phan .D., J. Gerth, M. Lee, A. Paepcke, T. Winograd, Visual Analysis of Network Flow Data with Timelines and Event Plots. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:85-99
[110] Mansman .F., L. Meier, D.A. Keim, Visualization of Host Behavior for Network Security. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:187-202
[111] Pearlman. J., P. Rheingans, Visualizing Network Security Events Using Compound Glyphs from a Service-Oriented Perspective. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:131-146
[112] Chris M.,Kwan-Liu Ma,Visualization of Sanitized Email Logs for Spam Analysis.Proceedings of Asia-Pacific Symposium on Visualization February, 2007:9-16
[113] Fortier.C. and L. A. Shombert, Network Profiling and Data Visualization, Proceedings of the 2000 IEEE Workshop on Information Assurance and Security,United States Military Academy, West Point, NY, IEEE, 2000
[114] Mukosaka, S.;,Koike, H., Integrated visualization system for monitoring security in large-scale local area network Visualization.APVIS '07. 2007 6th International Asia-Pacific Symposium, 2007:41– 44
[115] Musa,Shahrulniza,Parish, David J.,Visualising Communication Network Security Attacks,Information Visualization[J].IV '07. 11th International Conference , 2007:726 - 733
[116] Raffael Marty, Applied Security Visualization, [Book],2008 , Addison Wesley.
[2] Stuart K. Card, Jock D. Mackinlay and Ben Shneiderman, Readings in information visualization: using vision to think. 1999: Morgan Kaufmann Publishers.
[3] Richard A.Becker, S.G.E., and Allan R.Wilks, Visualizing network data. IEEE Transactions on Visualization and Computer Graphics, 1995. 1(1): 16~28
[4] Shombert, S.C.F.a.L.A. Network Profiling and Data Visualization. in 2000 IEEE Workshop on Information Assurance and Security. 2000. United States Military Academy,West Point, NY.
[5] Luc Girardin, An eye on network intruder administrator shootouts. Proceedings of the Workshop on Intrusion Detection and Network Monitoring(ID’99, 1999 19~28
[6] Brodbeck, L.G.a.D., A visual approach for monitoring logs. Proceedings of the 12th Usenix System Administration Conference, 1998: 299~308.
[7] Frincke, R.F.E.a.D., Visualization in Detection of Intrusions and Misuse in Large-Scale Networks. Proceedings of Information Visualization 2000,IEEE CS Press,Los Alamitos.Calif., 2000: 294~299.
[8] Erbacher, R.F., Visual behaviour characterization for intrusion detection in large scale systems. Proceedings of the LASTED International Conference on Visualization,Imaging, and Image Processing, 2001: 54~59.
[9] Ball. R., G.F., C. North, Home-Centric Visualization of Network Traffic for Security Administration. Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security Washington, DC, USA, ACM Press, 2004: 55~64
[10] Colombe. J., G.S., Statistical Profiling and Visualization for Detection of Malicious Insider Attacks on Computer Networks. Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, 2004:138~142.
[11] S. T. Teoh, K.M., et al, A Visual Technique for Internet Anomaly Detection, in IASTED International Conference on Computer Graphics and Imaging,CGIM’02. 2002.
[12] Jonathan McPherson, K.-L.M., Paul Krystosk, Tony Bartoletti,and Marvin Christensen, Portvis: a tool for port-based detection of security events.Visualization and Data Mining for Computer Security, 2004:73~81.
[13] Atkison, K.P., C. Nocholas, D. Ebert, R. Atkison, C. Morris Case Study: Visualization and Information Retrieval Techniques for Network Intrusion Detection, in IEEE TCCG Symposium on Visualization (VisSym 2001). 2001, IEEE.
[14] Erbacher R. F., Z.T., S. Pandit Multi-Node Monitoring and Intrusion Detection, in Proceedings of the IASTED International Conference on Visualization, Imaging, and Image Processing. 2002: Malaga, Spain:720~725.
[15] Hideki Koike, K.O., SnortView: Visualization System of Snort Logs. Visualization and Data Mining for Computer Security, 2004:143~147.
[16] Axelsson, S., Visualisation for Intrusion Detection: Hooking the Worm, in Proceedings of the 8th European Symposium on Research in Computer Security (ESORICS 2003). 2003, Springer-Verlag: Gjovik, Norway:13~15.
[17] Conti,G.. K.A., Passive Visual Fingerprinting of Network Attack Tools, in the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. 2004, ACM Press: Washington, DC, USA:45~54.
[18] X.Yin, W.Y., M.Treaster, Y.Li, and K.Lakkaraju, VisFlowConnection: netflow visualizations of link relationships for security situational awareness, in Visualization and Data Mining for Computer Security(VizSEC/DMSEC). 2004:26~34.
[19] Labib.K.,R.V., NSOM: A Real-Time Network-Based Intrusion Detection System Using Self-Organizing Maps, in Networks and Security. Technical report, Dept. of Applied Science,University of California, Davis 2002.
[20] Yoo, I., Visualizing Windows Executable Viruses Using Self-Organizing Maps, in the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. 2004, ACM Press: Washington, DC, USA:82~89.
[21] Pilkington, B.I.a.N. High Level Internet Scale Traffic Visualization Using Hilbert Curve Mapping. in Proceedings of Workshop on Visualization for Computer Security,VizSEC 2007. 2007:147~158.
[22] Takada. T., H.K., MieLog: A Highly Interactive Visual Log Browser Using Information Visualization and Statistical Analysis, in the 16th Systems Administration Conference (LISA’02]. 2002: Philadelphia, PA, USENIX:133~144.
[23] Toelle. J, O.N., Supporting Intrusion Detection by Graph Clustering and Graph Drawing, in Third International Workshop on the Recent Advances in Intrusion Detection,Lecture Notes in Computer Science. 2000, Springer-Verlag: Toulouse, France.
[24] Axelsson, S., Visualising the Inner Workings of a Self Learning Classifier: Improving the Usability of Intrusion Detection Systems. Technical report2004:12, Department of Computing Science, Chalmers University of Technology, Goteborg, Sweden,2004.
[25] Axelsson, S., Visualising Intrusions: Watching the Webserver, in the 19th IFIP International Information Security Conference (SEC2004). 2004: Tolouse, France.:259~274.
[26] Erbacher.R.F., M.G. Fusion and Summarization of Behavior for Intrusion Detection Visualization. in the IASTED International Converence On Visualization,Imaging, and Image Processing. 2004. Marbella, Spain.
[27] Teoh.S.T., K.Z. Combining Visual and Automated Data Mining for Near-Real-Time Anomaly Detection and Analysis in BGP. in the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. 2004. Washington, DC, USA: ACM Press:35~44.
[28] Taylor.T., S.B., and J. McHugh, NetBytes Viewer: An Entity-Based NetFlow Visualization Utility for Identifying Intrusive Behavior. Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007, 2007: 101~114.
[29] Kiran Lakkaraju, W.Y., and Adam J.Lee. NVisionIP: netflow visualizations of system state for security situational awareness. in Visualization and Data Mining for Computer Security(VizSEC/DMSEC) 2004:65~72.
[30] Koike H., O.K., Koizumi K. Visualizing Cyber Attacks using IP Matrix. in Visualizaiton of Computer Security. VizSEC: Proceedings of the IEEE Workshop on Visualization for Computer Security, 2005: 91–98..
[31] J. Pearlman, P.R. Visualizing Network Security Events Using Compound Glyphs from a Service-Oriented Perspective. in Visualization for Computer Security. VizSEC 2007: Proceedings of the Workshop on Visualization for Computer Security, 2007:131~146.
[32] Goodall, J.R., Wayne G. Lutters, Penny Rheingans, and Anita Komlodi, Preserving the Big Picture: Visual Network Traffic Analysis with TNV. Proceedings of the Workshop on Visualization for Computer Security (VizSec), 2005: 47~54.
[33] Erbacher, R.F. Visual behaviour characterization for intrusion detection in large scale systems. in the LASTED International Conference on Visualization, Imaging, and Image Processing. 2001:54~59.
[34] North, G.A.F.a.C. Root Polar Layout of Internet Address Data for Security Administrtion. in VizSEC: Proceedings of the IEEE Workshop on Visualization for Computer Security. 2005:55~64.
[35] R. Bearavolu, K.L., W. Yurcik, H. Raje. A Visualization Tool for ituational Awareness of Tactical and Strategic Security Events on Large and Complex omputer Networks. in IEEE Military ommunications Conference (MILCOM 2003). 2003: IEEE.
[36] Lau, S., The spinning cube of potential doom. Communications of the ACM, 2004. 47(6):25-26.
[37] Scott. C., K.N., T.Capers,and J.Ladeji-Osias, Network intrusion visualization with niva ,an intrusion detection visual and haptic analyzer. Information Visualization, 2003. 2(2):82~94.
[38] Staniford, J.A.H.a.S. Viewing ids alerts: Lessons from snortsnarf. in 2001 ADRPA Information Survivability Conference and Exposition(DISCEX 2001). 2001:374~386.
[39] Pin Ren, Y.G., Zhichun Li, Yan Chen and Benjamin Watson. IDGraphs: Intrusion Detection and Analysis Using Histographs. in VizSEC: Proceedings of the IEEE Workshop on Visualization for Computer Security, 2005:39–46.
[40] Lee, C.P., Trost, J., Gibbs, N., Beyah, R. and Copeland, J.A. Visual Firewall: real-time network security monitor. in VizSEC: Proceedings of the IEEE Workshop on Visualization for Computer Security, 2005:129–136.
[41]凌军,曹阳,基于时态知识模型的网络入侵检测方法研究.计算机学报, 2003. 26(11): p. 7.
[42]苏璞睿,李德全,冯登国,基于基因规划的主机异常入侵检测模型.软件学报, 2003. 14(6): p. 7.
[43]饶鲜,董春曦,杨晓全,基于支持向量机的入侵检测系统.软件学报, 2003. 14(4): p. 9.
[44]任勋益,王汝传,王海艳,基于自相似检测DDoS攻击的小波分析方法.通信学报, 2006. 27(5): p. 6.
[45]唐泽圣,三维数据场可视化. 1999,北京:清华大学出版社.
[46]石教英、蔡文立,科学计算可视化算法与系统. 1996:科学出版社.
[47] Lau, S., The spinning cube of potential doom. Communications of the ACM, 2004. 47(6): 25~26.
[48] Erbacher, R.F. Visual behaviour characterization for intrusion detection in large scale systems. in the LASTED International Conference on Visualization, Imaging, and Image Processing. 2001:54~59.
[49] Komlodi. A., J.R.G.a.W.G.L. An Information Visualization Framework for Intrusion Detection. in ACM CHI Extended Abstract. 2004.
[50] Fisk, M., Smith, S.A., Weber, P.M., Kothapally, S., Caudell, T.P, Immersive Network Monitoring. Proceedings of PAM2003 - Passive and Active Measurement 2003, 2003.
[51] http://www.vizsec.org/datasets/.
[52] Jolliffe, I., Principle Component Analysis. 1986, New York Spring-Verlag.
[53] James.M , L.J., Douglas Carrol,Paul E.Green,多元数据分析[英文版]. 2003,北京:机械工业出版社.
[54] V.Vapnik, The Nature of Statistical Learning Theory. 1999: Springer Verlag.
[55] Weinberger.K, P.B., and Saul. L. Nonlinear dimensionality reduction by semidefinite programming and kernel matrix factorization. in Proceedings of the Tenth International Workshop on Artificial Intelligence and Statistics (AISTAT 2005). 2005:381~388.
[56] Belkin M , N.P., Laplacian Eigenmaps for Dimensionality Reduction and Data Representation. Neural Computation, 2003. 15: 1373~1396.
[57] Belkin M, N.P., Semi-Supervised Learning on Riemannian Manifolds. Machine Learning, 2004. 56(1):209~239.
[58] Szummer M , J.T., Partially labeled classification with Markov random walks. Advances in Neural Information Processing Systems, 2002. 14: 945~952.
[59] PAbry,Flan drin P, M.S., Self Similar Network Traffic Analysis and Performance Evaluation. 2000, New York: John Wiley & Sons Press.
[60] Roweis S, S.L., and Hinton G, Global coordination of local linear models. Advances in Neural Information Processing Systems, 2002. 14(8): 889~896.
[61]王永强,基于子空间和流形的降维算法研究, [硕士学位论文]电子工程与信息科学. 2006,中国科技大学:合肥.
[62]张登银,任.王., R/S和小波分析法检测DDoS攻击的研究与比较.南京邮电大学学报, 2006. 26(6): 48~51.
[63]梁循,数据挖掘算法与应用,沈承凤著,2006,北京大学出版社:北京.
[64] Saul, S.R.L., Nonlinear Dimensionality Reduction by Locally Linear Embedding. Science, 2000. 290(5500): 2323~2326.
[65]余肖生,周.,高维数据降维方法研究.情报科学, 2007. 25(8): 1248~1251.
[66]冯艺东,汪.,董士海,信息可视化.工程图学学报,增刊, 2001: 324~329.
[67]刘戡,多维数据可视化研究. 2002,武汉大学:武汉.
[68] Furnas, G.W., Generalized fisheye views. Human Factors in Computing Systems CHI '86 Conference Proceedings, 1986:16~23.
[69] Stasko,www.cc.gatech.edu/classes/AY2001/cs7450_fall/Talks/12-tree2.ppt. CS 7450 Information Visualization, March 16, 2005
[70] Kulsoom Abdullah, C.L., Gregory Conti, John A.Copeland, John Stasko. . IDS RainStorm: Visualizing IDS Alarms. in IEEE Workshop on Visualization for Computer Security(VizSEC 05). 2005. Minneapolis,USA:1~10.
[71] Erwan Le Malecot, M.K., Yoshiaki Hori, Interactively combining 2D and 3D Visualization for Network Traffic Monitoring. Visualization for Computer Security, 2006: 123~127.
[72] Foresti. S., J.A., VisAlert:From Idea to Product. Proceedings of the Workshop on Visualization for Computer Security (VizSec),VizSEC 2007,2007: 159~174.
[73] Yarden Livnat, A., J. Moon, S et al, A Visualization Paradigm for Network Intrusion Detection. Proceedings from the Sixth Annual IEEE, 2005:92~99.
[74] Erbacher, R.F., Christensen,K,Sundberg, Designing Visualization Capabilities for IDS challenges. A Visualization for Computer Security, 2005: 121~127.
[75] Chris P. Lee, J.T., Nicholas Gibbs,Raheem Beyah,John A. Copeland. Visual Firewall: Real-time Network Security Monitor. in IEEE Workshop on Visualization for Computer Security 2005 (VizSEC 05) (IEEE Cat. No. 05EX1205). 2005:129~136.
[76] Christos Papadopoulos, C.K., Alexander Sawchuk,Xinming He. CyberSeer: 3D Audio-Visual Immersion for Network Security and Management. in the 2004 ACM Workshop on Visualization and Data Mining for Computer Security. 2004. Washington, DC, USA: ACM Press:90~98.
[77] A. Hussain, J.H.a.C.P. A Framework for Classifying Denial of Service Attacks. in Sigcomm 2003. Karlsruhe, Germany. 2003:99~110.
[78] http://www.projects.ncassr.org/sift/.
[79] Pin Ren, J.K., Bruce.G, Visualizing DNS traffic. Proceedings of the 3rd international workshop on Visualization for computer security, 2006: 23~30.
[80] J. Stoll, D.M., M. Gregory, V. Crow, andW.K. Edwards, Adapting Personas for Use in Security Visualization Design. Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007, 2007:39~52.
[81]苏更殊,李., DDoS攻击的分析、检测与防范技术.计算机工程与设计, 2002. 23(11): 5~8.
[82]第文军,薛.,蒋士奇,运用网络流量自相似分析的网络流量异常检测.兵工自动化, 2003. 22(6): 28~31.
[83]孙钦东,张.,高鹏,基于时间序列分析的分布式拒绝服务攻击检测.计算机学报, 2005. 28(5): 768~773.
[84] LELAND W, T.M., WILLINGER W, On the self-similar nature of Ethemet trafic. IEE/ACM Trans on Networking[Extended Version], 1994. 2(2): 1~15.
[85]李弼程,罗建书,小波分析及其应用. 2003,北京:电子工业出版社.
[86] DAUBECHIESI, Ten Lectures on Wavelets. 1992, SIAM: Philadelphia.
[87]谭晓玲,基于小波变换的入侵检测方法.重庆三峡学院学报, 2005. 21(3): 28~30.
[88] Rawat, S.a., C.S,Sastry. Network intrusion detection using wavelet analysis. in 7th International Conference on Information Technology. 2004. Hyderabad, India: Springer.
[89] Paxson V, F.S., Wide area traffic:the failure of Poisson modeling. IEEE/ACM Trans. on Networking, 1995. 3(3):226~244.
[90] Abry P, V.D., Wavelet analysis of long range dependent traffic. IEEE Trans.on Information Theory, 1998. 44(1): 2~15.
[91] A.P.F.d.P.T.M.S., Self Similar Netw ork Traffic Analysis an d Perform ance Evaluation. 2000, New York: John Wiley & Sons Press.
[92]洪飞,吴志美,基于小波的Hurst指数自适应估计方法.软件学报, 2005. 16(9): 1685~1689.
[93]李永利,刘贵忠,王海军,自相似数据流的Hurst参数小波求解法分析.电子与信息学报, 2003. 25(1): 100~106.
[94]吕良福,戴华,孙济洲,求解大型对称特征值问题的改进的块Davidson方法.天津大学学报, 2007 40 (5): 559~562.
[95] Shneiderman, B., The Eyes Have It:A task by Data Type Taxonomy for Information Visualizations. Proceedings of the IEEE Workshop Visual Language '96, 1996:336~343.
[96]夏海涛,端口扫描的设计和实现, [硕士学位论文],计算机科学与技术. 2002,吉林大学:长春.
[97]刘戡,多维数据可视化研究, [博士学位论文],计算机科学与技术. 2002,武汉大学:武汉.
[98] http://www.prefuse.org/.
[99]王玲,计算机网络端口扫描检测与干绕系统的研究和实现. [硕士学位论文],2001,中国科学院计算机网络信息中心:北京.
[100] Williams.L., R. Lippmann, and K. Ingols, An Interactive Attack Graph Cascade and Reachability Display, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:221-236
[101] X. Suo, Y. Zhu, and G. Scott Owen, Measuring the Complexity of Computer Security Visualization Designs, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:53-66
[102] T.H. Yu, B.W. Fuller, J.H. Bannick, L.M. Rossey, and R.K. Cunningham, Integrated Environment Management for Information Operations Testbeds, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:67-83
[103] Muelder.C., L. Chen, R. Thomason, K.-L. Ma, and T. Bartoletti, Intelligent Classification and Visualization of Network Scans, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:237-253
[104] Goodall .J.R., Introduction to Visualization for Computer Security, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:1-17
[105] Taylor. T, S. Brooks, and J. McHugh, NetBytes Viewer: An Entity-Based NetFlow Visualization Utility for Identifying Intrusive Behavior, Proceedings of Workshop on Visualization for Computer Security, VizSEC 2007:101-114
[106] Pike.W.A., C. Scherrer, S. Zabriskie, Putting Security in Context: Visual Correlation of Network Activity with Real-World Information. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:203-220
[107] Irwin.B., J.-P. van Riel, Using InetVis to Evaluate Snort and Bro Scan Detection on a Network Telescope. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:255-273
[108] Amico .A. D, K. Whitley, The Real Work of Computer Network Defense Analysts. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:19-37
[109] Phan .D., J. Gerth, M. Lee, A. Paepcke, T. Winograd, Visual Analysis of Network Flow Data with Timelines and Event Plots. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:85-99
[110] Mansman .F., L. Meier, D.A. Keim, Visualization of Host Behavior for Network Security. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:187-202
[111] Pearlman. J., P. Rheingans, Visualizing Network Security Events Using Compound Glyphs from a Service-Oriented Perspective. Proceedings of the Workshop on Visualization for Computer Security. VizSEC 2007:131-146
[112] Chris M.,Kwan-Liu Ma,Visualization of Sanitized Email Logs for Spam Analysis.Proceedings of Asia-Pacific Symposium on Visualization February, 2007:9-16
[113] Fortier.C. and L. A. Shombert, Network Profiling and Data Visualization, Proceedings of the 2000 IEEE Workshop on Information Assurance and Security,United States Military Academy, West Point, NY, IEEE, 2000
[114] Mukosaka, S.;,Koike, H., Integrated visualization system for monitoring security in large-scale local area network Visualization.APVIS '07. 2007 6th International Asia-Pacific Symposium, 2007:41– 44
[115] Musa,Shahrulniza,Parish, David J.,Visualising Communication Network Security Attacks,Information Visualization[J].IV '07. 11th International Conference , 2007:726 - 733
[116] Raffael Marty, Applied Security Visualization, [Book],2008 , Addison Wesley.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |