摘要
为解决开放企业计算环境中可疑行为检测困难导致的行为检测误报率和漏报率高的问题,将实体行为信任管理机制引入行为检测中,提出一个基于信任的行为检测模型。模型由感知层、检测层和响应层组成。检测层通过分析实体行为的历史记录,建立行为的信任档案,依据行为的综合信任度判定可疑行为的性质,响应层根据判定结果进行处理。通过模拟实验说明了该模型能够有效提高未知行为检测的准确度,大大降低行为检测的漏报率和误报率。
To solve the problems of high false positive rate and false negative rate for suspicious behaviors detection in open enterprise computing environment,a trust-based behaviors detection model(IPSTrust) which introduced the entity behavior trust management mechanism into behavior detection was proposed.The IPSTrust model was made up of the perception layer,detection layer and the response layer.Through analyzing the history of entity behavior,detection layer established mainly behavior trust records.The property of suspicious behavior was determined based on comprehensive trust degree of behavior,and the response layer processed the behaviors according to the results.The simulation experiment results showed that IPSTrust model could effectively reduce the false positive rate and false negative rate and improve the behavior detection accuracy.
出处
《计算机集成制造系统》
EI
CSCD
北大核心
2013年第1期217-223,共7页
Computer Integrated Manufacturing Systems
基金
国家自然科学基金资助项目(61272125)
河北省自然科学基金资助项目(F2011203234)
河北省高等学校科学技术研究重点资助项目(ZH2011115)~~
关键词
开放企业计算环境
行为检测
检测模型
行为信任管理
open enterprise computing environment
behavior detection
detection model
behavior trust management