
Intrusion detection system with hybrid detector (cited by: 1)
Abstract: Traditional artificial-immunity-based network intrusion detection systems adopt low-level (binary) detectors, which prevents the extraction of meaningful domain knowledge and leads to incomplete coverage of the Nonself space. In this paper, the methods for constructing the binary Self set and for generating valid detectors were improved. The real-valued negative selection algorithm was studied, and real-valued detectors were added to form a hybrid detector set that detects abnormal behavior in both packets and sessions at the detection stage. The ROC curves of the experimental results show a higher detection rate and a lower false alarm rate.
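Source: Journal of Computer Applications (《计算机应用》), CSCD, Peking University Core Journal, 2008, No. 5, pp. 1136-1139 (4 pages)
Funding: National Natural Science Foundation of China (60671049); Heilongjiang Province Graduate Innovative Research Project (YJSCX2007-0100HLJ)
Keywords: artificial immune; intrusion detection; negative selection algorithm; hybrid detector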

