摘要
针对目前异常入侵检测系统误报率过高、自适应能力不强等问题,提出知识库的完备度、自相似度等概念,构造一种新颖的异常入侵检测自适应模型。使入侵检测系统能够根据自身的学习情况自动调节异常和正常的判断准则,从而增强系统的自适应能力,有效降低系统的误报率,提高入侵检测的准确度。
In order to reduce the false positive rate of anomalous intrusion detection systems and to enhance their the self-adaptability of the system, based on the concepts of completeness and self-similarity of knowledge base, a novel anomaly detection model with self-adaptability is proposed. The intrusion detection system based on this model can adjust its threshold automatically to identify anomalous or normal behaviors according to its evolving knowledge. Hence, the self-adaptability of the intrusion detection system is enhanced. The false positive rate is reduced, and the accuracy of intrusion detection is improved.
出处
《计算机应用与软件》
CSCD
北大核心
2008年第9期279-280,285,共3页
Computer Applications and Software
关键词
计算机网络
入侵检测
信息安全
Computer network Intrusion detection Information security