附网存储设备用户行为的一种层次化免疫策略被引量：1

A Multilevel Immune Strategy for User Behaviors in Network-Attached Storage Device

下载PDF

导出

摘要受生物免疫机制的启发,针对附网存储设备用户的异常行为,提出由用户认证、文件权限和用户阶梯组成的层次化免疫策略,对用户行为所请求的系统调用序列进行异常监控,并实现了基于系统调用对和用户分阶信息的异常检测算法,特征元素的阶梯式矩阵存储和高效的匹配方法保证了免疫策略的快速实施。实验表明,该策略能够有效阻止非法用户的入侵及合法用户的越权访问,且足够快的响应速度完全满足在线检测的需要。 Inspired from the biological immunity mechanism, a multilevel immune strategy, composed of user authentication, access authority of file system and user stair, is presented to identify abnormal behaviors in network-attached storage devices. Tracking the system calls required bye users' operations, the anomalies are monitored. An anomaly detection algorithm, which is based on system call pairs and user rank, is established and implemented. The eigenvalues are stored in a novel matrix and an efficient matching method is utilized, which ensures the immune strategy to be carried out rapidly. Experimental results show that this strategy can abort anomalies efficiently, including intrusions of unauthorized users and inadmissible accesses of authorized users. Furthermore, the response speed is fast enough for on-line monitoring.

作者孙照焱董永贵贾惠波冯冠平

机构地区清华大学精密仪器与机械学系精密测试技术及仪器国家重点实验室

出处《计算机应用研究》 CSCD 北大核心 2005年第1期111-113,116,共4页 Application Research of Computers

基金国家重点基础研究"973"基金资助项目(G19990330)

关键词附网存储设备入侵检测系统系统调用 LINUX Network-Attached Storage Device(NASD) Intrusion Detection System (IDS) System Call Linux

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献11

1张彦超,阙喜戎,王文东.一种基于免疫原理的网络入侵检测模型[J].计算机工程与应用,2002,38(10):159-161. 被引量：13
2肖人彬,王磊.人工免疫系统:原理、模型、分析及展望[J].计算机学报,2002,25(12):1281-1293. 被引量：209
3王凤先,刘振鹏,李继民,常胜.一种仿生物免疫的计算机安全系统模型[J].小型微型计算机系统,2003,24(4):698-701. 被引量：18
4Sun WD,et al. An Artificial Immune System Architecture and Its Applications[ J ]. IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences, 2003, E86A ( 7 ) : 1858-1868.
5Harmer PK, et al. An Artificial Immune System Architecture for Computer Security Applications [ J ]. IEEE Trabsactuibs on Evolutionary Computation ,2002, 6 ( 3 ) : 252- 280.
6Anil Somayaji, Stephanie Forrest. Automated Responsed Using System-Call Delays [ C]. Proceedings of the 9th USENIX Security Symposium, Denver, Colorado, USA, August 2000.14-17.
7Anil Buntwal Somayaji. Operating System Stability and Security through Process Homeostasis[D]. Dissertation for the Degree of Doctor of Philosophy Computer Science. The University of New Mexico,Albuquerque, New Mexico,2002.
8Sun WD,et al. An Artificial Immune System Architecture and Its Applications[J]. IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences,2003,E86A(7):1858-1868.
9Harmer PK, et al.An Artificial Immune System Architecture for Computer Security Applications [J]. IEEE Trabsactuibs on Evolutionary Computation,2002, 6(3): 252-280.
10Anil Somayaji, Stephanie Forrest. Automated Responsed Using System-Call Delays [C]. Proceedings of the 9th USENIX Security Symposium, Denver, Colorado, USA, August 2000.14-17.

二级参考文献62

1童竞亚.医学免疫学与微生物学（第三版）[M].北京:人民卫生出版社,1996.208.
2HanJiawei Kamber M 范明等译.数据挖掘:概念与技术[M].北京:机械工业出版社,2001..
3Timmis J, Neal M, Hunt J. Artificial immune system for data analysis. Biosystems, 2000, 55(1-3):143-150
4Timmis J, Neal M. A resource limited artificial immune sys tem for data analysis. Knowledge Based Systems, 2001, 14(3 -4): 121-130
5Timmis J, Knight T. Artificial immunes system: Using the immune system as inspiration for data mining. In: Abbass H A, Sarker R A, Newton C S eds. Data Mining: A HeuristicApproach. Hershey : Idea Publishing Group, 2001. 209- 230
6Ishiguro A, Ichikawa S, Uchikawa Y. A gait acquisition of a 6-legged robot using immune networks. In: Proc IEEE/RSJ/ GI International Conference on Intelligent Robots and Systems, Munich, Germany, 1994, 2:1034- 1041
7Ishiguro A, Shirai Y, Kondo T et al. Immunoid: An architec ture for behavior arbitration based on the immune networks. In: Proc IEEE/RSJ International Conference on Intelligent Robots and Systems, Osaka, Japan, 1996. 1730-1738
8Ishiguro A, Kuboshiki S, Ichikawa S. Gait coordination of hexapod walking robots using mutual-coupled immune net works. In: Proc IEEE International Conference on Evolution ary Computation, Perth, Australia, 1995. 672-677
9Dasgupta D, Forrest S. Artificial immune systems in industrial applications. In: Proc 2nd International Conference on Intelli gent Processing and Manufacturing of Materials, Honolulu, 1999. 257-267
10Smith D J, Forrest S, Perelson A S. Immunological memory is associative. In: Dasgupta ed. Artificial Immune Systems and their Applications. Berlin: Springer, 1998. 105-112

共引文献237

1熊孝波,桂国庆,郑明新,许建聪,马淑芝.基于免疫RBF神经网络的深基坑施工变形预测[J].岩土力学,2008(S01):598-602. 被引量：2
2周宣武,杨晓元,王伟,邓涛.基于生物免疫学的入侵检测系统研究[J].大连理工大学学报,2003,43(z1):77-80. 被引量：6
3王杰,陈晨,王同军.基于免疫Multi-Agent的入侵防御模型及其实现[J].微电子学与计算机,2009,26(2):178-183.
4刘强,王艳秋,张健.人工免疫聚类算法在交通时段自动划分上的应用[J].自动化博览,2008,25(2):64-67. 被引量：1
5段丹青,陈松乔,杨卫平.基于人工免疫的多Agent自适应入侵检测系统[J].微机发展,2004,14(8):111-113.
6伍海波,高劲松,唐启涛,张燕.基于生物免疫原理的网络入侵检测研究[J].长沙医学院学报,2014(2):27-31.
7付冬梅,郑德玲,位耀光,周颖,鞠磊.人工免疫控制器的设计及其控制效果的仿真[J].北京科技大学学报,2004,26(4):442-445. 被引量：25
8肖人彬.基于免疫计算的机构轨迹综合[J].计算机辅助设计与图形学学报,2004,16(6):812-818. 被引量：7
9梁美莲,梁家荣,郭晨.基于人工免疫系统的关联规则挖掘算法[J].计算机应用,2004,24(8):50-53. 被引量：4
10蔡自兴,龚涛.免疫算法研究的进展[J].控制与决策,2004,19(8):841-846. 被引量：56

同被引文献21

1Axelsson S. Research in intrusion-detection systems: a survey[ R]. Technical Report 98-17. Department of Computer Engineering, Chalrners University of Technology, December 1998.
2NFR Security[ EB/OL]. http://www. nfr. net/. August 2002.
3Forrcst S, Hofmeyr S A, Somayaji A,et al. Longstaff. a sense of self for UNIX processes [ C ]. IEEE Symposium on Security and Privacy, IEEE, 1996,120-128.
4Scambray J, McClure S, Kurtz G. Hacking exposed: network security secrets &solutions[ M]. Osborne/McGraw- Hill, 2001.
5Knight T,Timmis J A. A multi-layered immune inspired approach to data mining[C]. In Proceedings of the 4th International Conference on Recent Advances in Soft Computing ,2002,266-271.
6Bradley D,Tyrrell A. Immunotronics: hardware fault tolerance inspired by the immune system[C]. In Proceedings of the 3rd International Conference on Evoluable Systems (ICES 2000), 1801, 11-20.
7Dasgupta D, Yu S, Majumdar N S. MILA multilevel immune learning algorithm[C]. In Proceedings of the Genetic and Evolutionary Computation Conference ( GECCO 03 ), LNCS 2723, 2003,183- 194.
8Chao D, Forrest S. Information immune systems[ C]. In Proceedings of the 1st International Conference on Artificial Immune Systems (ICARIS02), 2002,1:132-140.
9Dasgupta D, Forrest S. An anomaly detection algorithm inspired by the immune system [ J]. In Artificial Immune System and Their Applications. Springer-Verlag, Inc. , 1999, 262-277.
10Forrest S,Hofmeyr S A,Somayaji A. Computer immunology[J]. Communications of the ACM, 1999,40 (10) : 88 -96.

引证文献1

1陈云亮,黄建忠,谢长生.基于存储的动态入侵检测机制研究[J].小型微型计算机系统,2010,31(8):1489-1494. 被引量：2

二级引证文献2

1高苗粉,秦勇,李勇,邹裕,李清霞,申林.网络入侵检测系统自体集检测中的概率匹配高效寻优机制[J].计算机应用,2013,33(1):156-159. 被引量：10
2梁东莺,郑玮琨.云存储网中快速访问控制机制的研究[J].深圳信息职业技术学院学报,2015,13(3):1-4.

1罗东健,谢长生,王峻.附网存储设备的安全机制[J].电子计算机与外部设备,2000,24(3):10-12.
2周婷,杨根科,吴智铭.附网存储设备的软件系统设计与实现[J].计算机工程与应用,2003,39(34):114-116.
3周婷,杨根科,吴智铭.一种基于Linux的NAS文件系统设计[J].计算机应用,2003,23(6):92-95. 被引量：2
4陈曦,庞小红,吴智铭.用于附网存储设备的系统设计与实现[J].微型电脑应用,2003,19(12):44-46.
5孟庆飞,施展,张江陵.磁盘阵列附网存储技术研究[J].计算机工程与应用,2001,37(8):75-76. 被引量：1
6基准测试 CPU·矩阵存储·内存[J].个人电脑,2004,10(7):152-152.
7郭林源,吉卫喜.基于矩阵存储的明细栏自动提取方法研究[J].新技术新工艺,2008(3):25-27. 被引量：1
8安晖,陈莘萌,朱平.一种用于流媒体的附网缓存方案[J].计算机应用,2003,23(9):110-112. 被引量：1
9梅朝军,周敬利.附网存储设备中快速数据存取方法的实现[J].华中科技大学学报（自然科学版）,2003,31(10):44-46. 被引量：1
10杨智明.图的广度优先搜索遍历算法的分析与实现[J].农业网络信息,2009(12):136-137. 被引量：9

计算机应用研究

2005年第1期

浏览历史

内容加载中请稍等...

附网存储设备用户行为的一种层次化免疫策略被引量：1

参考文献11

二级参考文献62

共引文献237

同被引文献21

引证文献1

二级引证文献2

相关作者

相关机构

相关主题

浏览历史

附网存储设备用户行为的一种层次化免疫策略 被引量：1

参考文献11

二级参考文献62

共引文献237

同被引文献21

引证文献1

二级引证文献2

相关作者

相关机构

相关主题

浏览历史

附网存储设备用户行为的一种层次化免疫策略被引量：1