Research on Attack Intention Recognition Technology Based on Hidden Markov Models (cited by: 6)

Research on Intention Recognition Based on HMM
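Abstract: Attack intention recognition is an important technique for processing massive volumes of alert data. The Hidden Markov Model (HMM) can model complex attack behavior well, but its attack intention recognition performance on alert sequences that contain interfering factors is not satisfactory. This paper proposes an improved scheme for this problem, defines a new decoding problem based on the particular characteristics of attack intention recognition, and designs a decoding algorithm.

English abstract: Intention recognition is one of the most important approaches in handling the huge number of alerts. Although the Hidden Markov Model (HMM) describes complex Internet attacks well, it cannot be applied directly in intention recognition because of its weak ability in distinguishing the disturbing alerts. The paper proposes a scheme to overcome the flaw. We redefine the decode problem of HMM according to the characteristics of intention recognition, and implement the decode algorithm too.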
Source: Computer Engineering & Science (《计算机工程与科学》), CSCD, 2007, Issue 8, pp. 19-22, 4 pages in total
Funding: National Natural Science Foundation of China (90604006)
Keywords: intrusion detection; attack intention recognition; hidden Markov model (HMM); decoding algorithm