摘要
入侵过程由一系列入侵行为组成,每个入侵行为包含一个或多个入侵事件,这些事件间可能存在各种各样的关系。该文对入侵事件特征进行研究,从检测角度对入侵事件进行分类。定义了入侵事件,建立了入侵事件的一般模型。从时间、空间和功能方面分析了事件间的内在联系,并依据这些关系建立了入侵事件逻辑、统计和模糊模型,以描述不同的入侵行为,并举实例予以分析。
Intrusion process consists of a series of intrusion behavior, which comprises one or some intrusion events. There are various relations among these intrusion events. Intrusion characteristic is studied, and intrusion events are classified by those aspects of intrusion. By defining intrusion event, common model of intrusion events is established. Based on analysis of time relations, space relations and function relations among intrusion events, the logical model, statistical model and fuzzy model are established. With these models, intrusion behavior can be represented. And it is testified by instance.
出处
《计算机工程》
CAS
CSCD
北大核心
2008年第9期151-153,共3页
Computer Engineering
基金
军械工程学院创新人才科研启动基金资助项目
关键词
入侵事件
事件关系
事件模型
intrusion events
event relation
event model