The Research of HMM Anomaly Detection Approach Based on Network (cited by: 1)
Abstract: Starting from the basic ideas and concepts of the HMM, the article establishes an HMM anomaly detection prototype that takes captured network packets as the observed objects. To address the prototype's problem that the set of visible symbols is too large, it proposes an improvement that partitions the observed object into segments, and on that basis establishes an operable HMM anomaly detection model. For computing the probability of the observed objects, it introduces the concept of a sliding window, which solves the problem of excessively small probability values. For model training, it gives a model training algorithm and an update formula for matrix B.
Authors: 朱义鑫 (Zhu Yixin), 闵东 (Min Dong)
Source: Computer Engineering and Applications (《计算机工程与应用》), CSCD, Peking University Core Journal, 2006, Issue 24, pp. 145-148, 151 (5 pages)
Keywords: intrusion detection, anomaly detection, Hidden Markov Model, observation sequence