摘要
基于程序行为的异常检测方法主要通过建立程序正常行为模式库来检测入侵。本文对异常检测中正常行为模式库的创建算法进行了研究,主要利用基于Teiresias算法的变长模式抽取方法构建程序正常行为模式库,并与TIDE方法作了比较。
As an important branch of the intrusion detection,the anomaly detection is attached importance by people more and more.The anomaly detection system may choose the monitoring object more,including user behavior,procedure behavior,document complete and so on.It detect the anomaly mainly through establishing the normal behavior model database that anomaly detection method based on the procedure behavior.The paper will research foundation algorithm of the normal behavior model database.I mainly establish a norm...
出处
《潍坊学院学报》
2009年第2期33-35,共3页
Journal of Weifang University