摘要
入侵检测是当前网络安全领域研究的重要内容之一。本文分析了基于应用程序的入侵检测系统的重要性和优点,提出了一种针对应用程序的基于系统调用的入侵检测模型。该模型可以发现已知的和未知的滥用入侵和异常入侵活动,具有自学习、自完善功能。
<Abstrcat>Intrusion detection is a hotspot in network security at present. In this paper, after the importance and advantages of application-based intrusion detection system are discussed,present a model of intrusion detection system for applications that is based on system call series. The model with the functions of self-learning and self-completing can detect the known and novel intrusion activities.
出处
《微机发展》
2005年第6期95-98,共4页
Microcomputer Development
关键词
入侵检测
异常检测
滥用检测
系统调用
应用程序
intrusion detection
anomaly detection
misuse detection
system call
application program