摘要
在阐述入侵检测系统评估所要解决问题的同时对ROC曲线图、贝叶斯检测率、检测期望值和检测量CID等评估方法进行了深入的研究和分析。发现这些方法只基于某几个指标(如误报率、漏报率)对入侵检测系统进行评价,致使评价结果各有不足,这主要是缘于入侵检测系统的复杂性,对其进行性能评价无疑会涉及影响其性能的每一个主要指标。为此应用一种熵权系数模糊综合评判法,采用模糊综合决策的评估方案,利用熵权系数法计算各指标因素的权重,从而使其能够比较全面地评价一个入侵检测系统。
In an effort to analyze and solve evaluation of intrusion detection system,evaluation methods such as ROC curve,the Bayesian detection rate,the expected cost and the intrusion detection capability have been introduced.The evaluation methods which only involve few evaluation metrics (such as false positive rate,false negative rate) have their own weaknesses,because the complexity of intrusion detection system is the main cause and evaluation of intrusion detection system must involve many performance indexes.In order to achieve the purpose of intrusion detection systems for comprehensive evaluation,this paper gives a method of entropy weight coefficient that is applied to calculate the weight of factors and decrease subjective judgment on the effect of the weight coefficient.Intrusion detection systems are evaluated objectively and comprehensively by the method of entropy weight coefficient.
出处
《计算机工程与应用》
CSCD
北大核心
2008年第9期113-117,共5页
Computer Engineering and Applications
基金
河北省教育厅自然科学基金重点项目(No.Zh2006006)
关键词
网络安全
入侵检测系统
评估
模糊综合评判
network security
intrusion detection system
evaluation
fuzzy comprehensive evaluation