摘要
在网络对抗中同时存在多种注入性入侵的情况下,需要及时准确地检测出入侵的恶意程序。传统的检测方法需要提取数据库中所有恶意程序样本特征参数进行比对,由于外部注入的恶意程序的与传统入侵特征不同,伪装水平较高,使得恶意程序特征与正常程序特征难以分别,检测结果准确性降低,导致军事网络安全受到严重威胁。为此,提出一种基于特征优化算法的外部多网络对抗中注入性入侵检测方法。根据主要特征分析方法,能够得到注入性入侵恶意程序的主要特征,利用注入性入侵特征映射条件,能够得到注入性入侵的检测模型,实现了网络对抗中注入性入侵的检测。实验结果表明,利用该算法能够准确的检测出网络对抗中注入性入侵的恶意程序,效果令人满意。
In the network against the presence of various injection sexual invasion at the same time, need timely and accurately detect the invasion of malicious programs. Traditional detection methods need to extract the database all malware samples compare the characteristic parameters, because of the external injection of malicious programs, unlike traditional intrusion characteristics, higher levels of disguise, makes it hard for malicious program features with normal process respectively, test result accuracy is reduced, lead to military threats to network security. For this, put forward a kind of external network against more based on feature optimization algorithm into intrusion detection method. According to main characteristics analysis method, can get into one of the main features of the invasion of malicious programs, using injection intrusion feature mapping conditions, can be injected into intrusion detection model, realize the network against injection intrusion detection. Experimental results show that using this algorithm can accurately detect the network confrontation with invasion of the malicious program, the effect is satisfactory.
出处
《科技通报》
北大核心
2014年第7期154-157,共4页
Bulletin of Science and Technology
关键词
网络对抗
注入性入侵
检测模型
特征优化算法
network confrontation
injection invasion
detection model
feature optimization algorithm
