期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

多源入侵检测警报的决策级融合模型 被引量:2

Decision-level fusion model of multi-source intrusion detection alerts
下载PDF
导出
摘要 为了大幅降低对训练样本的要求,摒弃苛刻的约束条件,提出了一种支持在线增量训练的警报融合模型。将初级警报向量映射为表决模式,以缩小统计空间。通过训练统计出各种表决模式在正常或攻击流量下的条件概率分布,依据统计特征的变化即时推断待检测流量的构成情况,使用阈值约束法和贝叶斯推断做出融合决策。从而拓展了适用范围,并且能较好地跟踪适应待检测流量,仅需少量训练样本便可显著提升检测性能。 In order to lessen the dependence on training samples significantly and eliminate rigorous constraint conditions, an alert fusion model that supports online incremental training was presented. Firstly, primary alerts vector was mapped to voting pattern, so as to reduce statistical space. Then, the conditional probability distributions of various voting patterns in normal or attack traffic were inferred via training. Afterwards, according to the variation of statistical characteristics, the composition of the traffic being detected was inferred instantly. Finally, fusion decision was made via threshold constraint method and Bayesian inference. Besides extended applicative scope, the model proposed can track and adapt to the traffic being detected well, and improve detection performance significantly only via small scale training.
作者 李志东 杨武 王巍 苘大鹏
机构地区 哈尔滨工程大学信息安全研究中心
出处 《通信学报》 EI CSCD 北大核心 2011年第5期121-128,共8页 Journal on Communications
基金 国家高技术研究发展计划("863"计划)基金资助项目(2007AA01Z473) 国家242信息安全计划基金资助项目(2007B17) 哈尔滨工程大学研究基金资助项目(HEUFT09011)~~
关键词 网络安全 入侵检测 决策级融合 表决模式 统计推断 network security intrusion detection decision-level fusion voting pattern statistical inference
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献10

二级参考文献40

  • 1Bass T. Multi-sensor Data Fusion for Next Generation Distributed Intrusion Detection Systems[C]//Proceedings of National Symp. on Sensor and Data Fusion. Laurel, USA: [s. n.], 1999.
  • 2张秋余,孙宁,迟宁,刘晔.基于模糊信息融合的网络化系统安全态势评估[J].计算机工程,2007,33(13):182-184. 被引量:6
  • 3Duin R P W, Tax D M J. Experiments with classifier combining rules. In: Proceedings of the 1st International Workshop on Multiple Classifier Systems (MCS2000), Cagliari, Italy, 2000.16~29
  • 4Xu L, Krzyzak A, Suen C Y. Method of combining multiple classifiers and their application to handwritten numeral recognition. IEEE Transactions on Systems, Man and Cybernetics, 1992, 22(3):418~435
  • 5Kittler J, Hatef M, Duin R P W, Matas J. On combining classifiers. IEEE Transactions on Pattern Analysis and Machine Intelligence, 1998, 20(3): 226~239
  • 6Altincay H, Demirekler M. An information theoretic framework for weight estimation in the combination of probabilistic classifiers for speaker identification. Speech Communication, 2000, 30(4):255~272
  • 7Kand H J, Lee S W. Combining classifiers based on minimization of a Bayes error rate. In: Proceedings of the 5th International Conference on Document Analysis and Recognition, Fort Collins, Colorado, USA, 1999. 124~129
  • 8Dorigo M, Maniezzo V, Colorni A. Ant system: Optimization by a colony of cooperating agents. IEEE Transactions Systems, Man and Cybernetics-Part B, 1996, 26(1):29~41
  • 9Langton C G. Artificial life. In: Langton C G ed. Artificial Life, Volume VI of SFI Studies of Complexity. Redwood City: Addison-Wesley, 1989.1~47
  • 10Ho T K. Nearest neighbors in random subspaces. In: Proceedings of the 2nd International Workshop on Statistical Techniques in Pattern Recognition, Sydney, Australia, 1998. 640~649

共引文献43

同被引文献14

引证文献2

二级引证文献6

通信学报
2011年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部