
Research on anomaly intrusion detection based on structure pattern recognition (cited by: 2)
Abstract: To address the poor accuracy and low speed of anomaly intrusion detection, a new anomaly detection method based on structure pattern recognition is proposed. The method applies the structure pattern recognition technique to intrusion detection, and the technique's strong ability to describe and recognize structure improves the accuracy and speed of detection. The paper describes how structure pattern recognition is used to build a normal model of program execution and how that model is used to detect intrusions. Experiments verify the effectiveness of the method.
Source: Journal of Hefei University of Technology (Natural Science); indexed in CAS, CSCD and the Peking University Core Journals list; 2008, No. 5, pp. 708-710 (3 pages)
Keywords: anomaly intrusion detection; sequence of system calls; structure pattern recognition

