Research on composite intrusion detection system (cited by: 4)
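Abstract: To address the high false-alarm rate and low detection efficiency of most current intrusion detection systems, this paper studies the theory of hybrid intrusion detection and, on that basis, proposes a system architecture and functional structure design for a hybrid intrusion detection system, and describes in detail the theory, design and some of the algorithms of several key modules. Its distinguishing features are that its data sources combine network data with data from key hosts, that its detection method combines anomaly analysis with misuse analysis in a proposed two-layer hybrid analysis method, and that its system architecture can be flexibly extended to suit different network environments, which improves the detection capability and detection accuracy of the hybrid intrusion detection system.

Abstract (as published in English): The main causes of the high error report rate and low efficiency of some normal intrusion detection systems are the singularity of information sources and analysis methods. Based on the theory of composite intrusion detection, the system architecture and functional framework of composite intrusion detection are given, and the theory, design and some algorithms of several key modules are introduced in detail. A double-layer composite analysis method is put forward as its detection method, which combines data from the network and the key hosts as its source. It can be applied to different network environments with a flexible architecture and raises the safety and the stability of the network.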
Source: Computer Engineering and Design (《计算机工程与设计》), CSCD, Peking University Core Journal, 2009, No. 3, pp. 547-551 (5 pages)
Keywords: network security; intrusion detection; intrusion detection system; misuse detection; anomaly analysis (anomaly detection); misuse analysis; information fusion; certainty theory (theory of confirmation)