摘要
入侵检测系统近年来得到长足的发展,但功能都不够完善。为此将基于误用的入侵检测与基于异常的检测结合为一体。在误用检测上,将检测规则进行分类排序,从而极大地提高了检测效率。异常检测则采用人工免疫技术,使系统对已知的攻击和新型攻击均有较强检测能力。
Intrusion detection systems (IDS) are developing very rapid in recent years, But the function of most traditional IDS is not powerful. The technique of combining based on misuse intrusion detecting and anomaly intrusion detecting is considerated. In the misuse detecting model, the starategy is to classify the detecting rules using two branch order tree. The efficient of detection is improved awfully. The model of anomaly detecting is used the technique of artificial immune. Our system worked well at detecting both known and new attacks.
出处
《计算机工程与设计》
CSCD
北大核心
2007年第14期3341-3343,共3页
Computer Engineering and Design
基金
江西省教育厅科技基金项目(2005[83])
江西师大青年成长基金项目(2005[1320])
关键词
入侵检测
规则分类
人工免疫
误用检测
异常检测
intrusion detection
rules classification
artificial immune
misuse detection
anomaly detection
