摘要
计算机系统安全的“免疫系统”方法是在研究了特权程序对应的系统调用短序列具有很强的稳定性的基础上提出的。系统调用短序列与生理免疫系统中用于区别病菌和其他有害物质的缩氨酸(一种蛋白质片断)类似,可作为用户程序行为模式。该文提出了一个基于“免疫系统”方法的Linux系统级入侵检测模型,并讨论了此入侵检测模型的实现技术。
The'Immune System'method for computer syst em security is based on the fact that the short sequences of system calls in runni ng processes are consistent.The short system calls are similar to the peptides used to distinguish the dangerous pathogens and other foreign materials from the harmless molecules normally within the body.The short system calls can be used to construct the database of normal behavior patterns for the processes.T his paper proposes a system-level intrusion detection system model,and discussed t he technologies of the system realization.
出处
《计算机工程与应用》
CSCD
北大核心
2002年第13期24-25,41,共3页
Computer Engineering and Applications
基金
天津市自然科学基金重点项目(编号:013600711)
关键词
系统级入侵检测
计算机网络
网络安全
防火墙
“免疫系统”方法
Immune System'method,I ntrusion detection,Short system call sequence,Normal and abnormal behavior pat tern