摘要
随着互联网科技的进一步革命,在它给我们带来大量便利的同时,其引发的安全问题也一直让众多用户感到头疼。基于此,考虑到隐马模型(Hidden Markov Model,HMM)具有的模型理论透彻、算法成熟、分类器学习性能高等优点,很多学者都曾研究过基于HMM的主机入侵检测。常规的方法是以系统调用作为模型观测值,以程序中出现的系统调用总数作为模型状态数。但由于训练分类器的观测序列过长会导致模型参数不易收敛等问题。文章将提出一种基于数据为特征的网络入侵检测方式。
With the further revolution,the Internet technologies bring us more convenience,as well as some problems bothering users all the time so that considering the HMM has numerous advantages,a lots of scholars have studyed the host intrusion detection based on HMM.The conventional measure is that viewing system calls as observed values and regarding the number of system calls existing in the processes the number of model's status.The model's parameters are hard to converge due to the long observed value sequence so that the article illustrates a measure of network intrusion detection based on the data feature's analyses.
作者
潘秋羽
Pan Qiuyu(College of Computer Science,Xi'an Polytechnic University,ShaanxiXi'an 710048)
出处
《网络空间安全》
2018年第4期65-68,共4页
Cyberspace Security
关键词
入侵检测
异常检测
数据特征
隐马尔可夫模型
intrusion detection
anomaly detection
data feature
hidden markov model
