摘要
误警率较高是入侵检测系统(IDS)存在的一个主要问题,极大影响了检测结果的可信性。形式化分析了IDS可信问题与误报率的关系以及异常IDS误警率问题产生原因,借鉴生物免疫系统,提出了基于人工免疫思想,动态构建正常系统轮廓,抑制误警率的方法。给出了抗原、抗体的形式化描述及检测的具体过程,并进行了仿真和对比实验。理论分析和实验表明,该方法有效降低了IDS的误警率。
The main problem of intrusion detection system(IDS) is high false alarm rate,which greatly affects the creditability of detecting results.The relationship between the IDS creditability and the false alert rate and the cause of anomalous IDS false alarm rate was formally analyzed.Referring to the biologic immune system,the method to suppress the false alarm rate is presented by constructing normal profile of system dynamically based on artificial immunity conception.The formal expression of antigen and antibody,the concrete detecting process were given,and the simulation and comparative experiment were carried out.Theoretical analysis and experiments show that the method can abate the false alarm rate effectively.
出处
《计算机应用与软件》
CSCD
2010年第7期298-300,共3页
Computer Applications and Software
关键词
异常入侵检测
误警率
人工免疫
Anomaly intrusion detection False alarm rate Artificial immunity