摘要
入侵防御系统是一种重要的安全防护措施,用于抵御针对信息系统的恶意攻击。但是不恰当的系统配置会对网络性能产生负面影响,如增大端到端延迟或数据包丢失率。大多数研究者关注的是提出新的入侵防御系统,分析其所使用的机器学习算法,而忽视对入侵防御系统本身性能的量化分析。文章将系统看作是一个拟生灭过程,通过建立二维的马尔可夫链模型,求得其稳定概率分布来计算一些重要的性能指标。实验证明利用文章所提出的通用分析方法可以有效评价系统性能,同时也间接证明了模型的正确性。
Intrusion prevention system (IPS) is a crucial defensive measure against malicious attacks to information system. However, the improper IPS conifguration can have a negative impact on network performances in terms of end-to-end delay or packets loss. Most researchers mainly focus on putting forward new IPS and analyzing the different methodologies, but ignoring the research of quantitative analysis on IPS. By analyzing the system as a quasi-birth-and –death process, this paper obtains the steady probabilities distribution to compute some important indices by establishing a two-dimensional Markov chain model. The experimental results prove that the general analytical method can effectively evaluate the performances of IPS, and also testify the correctness of the model indirectly.
出处
《信息网络安全》
2015年第9期46-49,共4页
Netinfo Security
基金
国家自然科学基金[71271187
71471160]
关键词
入侵防御系统
马尔可夫链模型
性能分析
intrusion prevention system
Markov chain mode
performance analysis