Abstract
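Clearly describing the correlations between intrusion behaviors, so that coordinated intrusions can be identified and the false alarm rate reduced, is a key and much-studied problem in the field of intrusion detection. Building on a brief analysis of the causes of false alarms, this paper focuses on an ontology-based intrusion detection framework.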
Identifying corresponding intrusion events and mitigating false alerts in intrusion detection by representing the relationships between intrusion events is important and difficult work in the field. The reasons for false alerts in intrusion detection systems were analyzed, and an emphatic description of the framework of ontology-based intrusion detection was given.
Source
《网络安全技术与应用》
2004, Issue 12, pp. 46-48, 42 (4 pages in total)
Network Security Technology & Application