摘要
针对网络攻击的新特点,本文提出了一种基于Chi-square检验的分布式网络入侵检测系统模型CTDIDS。设计并实现了一个基于异常检测的入侵分析引擎。通过对网络数据包的分析,运用Chi-square值比较对系统的行为进行检测。与现有的入侵检测方法相比,本文提出的方法具有更好的环境适应性和数据协同分析能力。实验证明,分布式入侵检测系统CTDIDS具有更高的准确性和扩展性。
According to the signature of network attacks,this paper presents a Chi-square test based distributed intrusion detection system CTDIDS.An anomaly detection based intrusion analysis engine is designed.By analyzing the network data,the system uses Chi-square value to detect intrusion events.Comparing with current IDS,our method has also incorporates some self-adaptation mechanisms to yield high accuracy of detection in dynamic networks.Experiment results show that CTDIDS has higher efficiency and scalability.
出处
《微计算机信息》
2010年第15期98-99,92,共3页
Control & Automation