Alert dynamic selection algorithm based on direct slide time window
Abstract To address the shortcomings of existing alert selection methods in real-time performance and accuracy, an alert dynamic selection algorithm based on a directed sliding time window is proposed. Using the trend of historical correlation results, the algorithm dynamically adjusts the probability of extracting alerts from each time window and assigns a higher extraction probability to time windows with higher historical correlation strength, improving the efficiency and accuracy of alert correlation. Simulation results show that the algorithm's real-time performance is far higher than that of the select-all method and the random selection method, and that its correlation accuracy is better than that of the random selection method.
Source Computer Engineering and Design (《计算机工程与设计》), PKU Core journal, 2015, No. 2, pp. 346-349, 354 (5 pages)
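Funding National 973 Key Basic Research Development Program of China (2011CB311801); National 863 High Technology Research and Development Program of China (2012AA012704)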
Keywords alert correlation; time window; alert selection; random selection; correlation interest