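Abstract
This paper proposes a CFAR intrusion detection system based on a network traffic prediction model. An AR model is used to predict network traffic, and the constant false alarm rate (CFAR) technique from radar signal processing is used to select the detection threshold that decides whether an intrusion signal is present. The system is tested on the Lincoln Laboratory DARPA data. After different CFAR detectors are compared and analyzed, a joint detection combining three kinds of CFAR is proposed, which gives the system a higher detection rate and a lower false alarm rate.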
A constant false alarm rate (CFAR) intrusion detection method based on network flow prediction is proposed in this paper. The network flow is predicted using an AR model, and an appropriate detection threshold is chosen through the CFAR technique from radar signal processing to decide whether an intrusion signal exists. In simulations based on the DARPA datasets of Lincoln Lab, different CFAR detections are compared and analyzed. Finally, a united CFAR detection is proposed, which shows a high detection probability while the false alarm rate is fairly low.
Source
《信息安全与通信保密》
2008, Issue 8, pp. 112-115 (4 pages)
Information Security and Communications Privacy