摘要
目前的入侵检测系统缺乏从先前所观察到的进攻进行概括并检测已知攻击的细微变化的能力。本文描述了一种基于最小二乘估计(LS)模型的入侵检测算法,该算法利用神经网络的特点,具有从先前观测到的行为追行概括进而判断将来可能发生的行为的能力。本文在前人工作的基础上提出了一种在异常检测中用反馈神经网络构建程序行为的特征轮廓的思想,给出了神经网络算法的选择和应用神经网络的设计方案。实验表明在异常检测中用反馈神经网络构建程序行为的特征轮廓,能够大大提高检测系统对偶然事件和入侵变异的自适应性和异常检测的速度。
Current intrusion detection systems lack the ability to generalize from previously observed attacks to detect even slight variations of known attacks. This paper describes a LS approach that provides the ability to generalize from previously observed behavior to recognize future unseen behaviors, The approach employs neural networks and can be used for anomaly detection in order to detect novel attacks. This paper represents a method of using Feedback Neural Networks in anomaly detection to analyze the short sequences of system calls. Experiments show events and variance of intrusions, And using the Neural Network is especially better since it can improve the detection rate without increasing the false positives.
出处
《通讯和计算机(中英文版)》
2005年第8期69-72,共4页
Journal of Communication and Computer