
The New Method of Latent Intrusion Detection
Abstract: Misuse detection is the detection method used by most current intrusion detection systems. Although it is effective at detecting intrusions, it is powerless against some latent intrusion behaviors. This paper proposes a new intrusion detection scheme that captures dynamic, latent control flow and data flow, establishes and analyzes the relationships between subjects and objects, and thereby identifies latent intrusion behavior. The system states and state transition rules of the scheme are discussed, and an example confirms its effectiveness in network detection.

Source: Journal of Xianyang Normal University, 2008, No. 2, pp. 59-61 (3 pages)

Funding: Xianyang Normal University fund project (06XSYK282)

Keywords: intrusion detection; misuse detection; state transition