期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

采用规划识别理论预测系统调用序列中的入侵企图 被引量:11

Plan Recognition Based Method for Predicting Intrusion Intentions of System Call Sequences
下载PDF
导出
摘要 规划识别是一种根据观察数据识别和推断被观察对象目的或意图的预测理论 .在计算机系统入侵检测研究中 ,为了提前预测出异常事件的发生 ,提出了一种基于规划识别理论的入侵企图预测方法 .通过对主机上的系统调用序列为观察对象建立预测模型 ,提出了一种带参数补偿的贝叶斯网络动态更新算法 ,对观察对象的目的进行预测 .实验结果表明动态贝叶斯网络对预测系统调用序列中的异常入侵企图有较高的精度 . Plan recognition is a prediction theory for identifying and determining the intentions or the attempts of the agents monitored through observation data. In this paper, a plan recognition based method is presented to predict the anomaly events and intensions of potential intruders to a computer system using the system call sequences as observation data. The method is established on a dynamic Bayesian network with parameter compensation and an algorithm is developed to update this network. The experimental results show that this method has a good accuracy in predicting the intrusion intensions from the system call sequences.
作者 冯力 管晓宏 郭三刚 高艳 刘培妮
机构地区 西安交通大学网络化系统与信息安全研究中心 西安交通大学制造系统国家重点实验室
出处 《计算机学报》 EI CSCD 北大核心 2004年第8期1083-1091,共9页 Chinese Journal of Computers
基金 国家杰出青年基金(6970025) 国家自然科学基金(60243001) 国家"八六三"高技术研究发展计划信息安全主题(2001AA140213)资助
关键词 入侵预测 规划识别 动态贝叶斯网络 参数补偿 系统调用序列 Forecasting Probability distributions Security of data
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献11

  • 1Forrest S., Hofmeyr S.A., Somayaji A., Longstaff T.A.. A sense of self for Unix processes. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy. Los Alamitos, CA: IEEE Computer Society Press, 1996, 120~128
  • 2Lee Wenke, Xiang Dong. Information-theoretic measures for anomaly detection. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, Oakland, California, USA, 2001, 130~143
  • 3Lane T., Brodley C.E.. Temporal sequence learning and data reduction for anomaly detection. In: Proceedings of the 5th ACM Conference on Computer & Communication Security, San Francisco, California, USA, 1998, 295~331
  • 4Goldman R.P., Geib C.W., Miller C.A.. A new model of plan recognition. In: Proceedings of the 1999 Conference on Uncertainty in Artificial Intelligence, Stockholm, Sweden, 1999, 245~254
  • 5Charniak E., Goldman R.. A Bayesian model of plan recognition. Artificial Intelligence, Elsevier Science Publishers. 1993, 64(1): 53~79
  • 6Albrecht R., Zukerman R., Nicholson A., Bud A.. Towards a Bayesian model for keyhole plan recognition in large domains. In: Proceedings of the 6th International Conference on User Modeling. Sardinia, Italy, 1997, 365~376
  • 7Wrn A., Stenborg O.. Recognizing the plans of a replanning user. In: Proceedings of the IJCAI95 Workshop on The Next Generation of Plan Recognition Systems: Challenges for and Insight from Related Areas of AI. Montreal, Canada, 1995, 113~118
  • 8Nicholson A.E., Brady J.M.. Dynamic belief networks for discrete monitoring. IEEE Transactions on Systems, Man, and Cybernetics, 1994, 24(11): 1593~1610
  • 9Tawfik A.Y., Neufeld E.. Temporal Bayesian networks. In: Proceedings of the 1st International Workshop on Temporal Representation and Reasoning (TIME), Pensacola, Florida, USA, 1994, 85~92
  • 10Geib C.W., Goldman R.P.. Plan recognition in intrusion detection systems. In: Proceedings of DARPA Information Survivability Conference and Exposition(DISCEX), Anaheim, California, USA, 2001, 1: 46~55

同被引文献132

引证文献11

二级引证文献66

计算机学报
2004年 第8期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部