期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于信息融合的入侵检测模型与方法 被引量:9

An Intrusion Detection Framework Based on Information Fusion
下载PDF
导出
摘要 研究了入侵检测系统 (IDS)研究现状 ,针对当前 IDS系统误报率高和对时间及空间上分散的协同攻击无法有效检测的缺陷 ,引入信息融合和多传感器集成的观点 ,提出了一个多层次的 IDS推理框架和原型系统 .该原型系统采用贝叶斯网络作为多传感器融合的工具 ,用目标树的方法来分析协同攻击的攻击企图 ,并最终量化系统的受威胁程度 .相比现有的 IDS,该原型的结构更加完整 。 State of the art of the Intrusion Detection technology is investigated and a new IDS inference framework and prototype based on information fusion is proposed. The new framework is to solve the problems of existing IDS——high false positive rate and incapable of detection of coordinated attacks. The prototype employ Bayesian Network to do information fusion and goal-tree to analyze intensions of coordinated attacks and quantify the security risk of system. The prototype is more integral than existing IDS and easier to find coordinated attacks with lower false positive rate.
作者 李辉 蔡忠闽 韩崇昭 管晓宏
机构地区 西安交通大学电子与信息工程学院
出处 《小型微型计算机系统》 CSCD 北大核心 2003年第9期1602-1606,共5页 Journal of Chinese Computer Systems
基金 国家 8 63计划 (2 0 0 1AA14 0 2 13 )资助 国家重点基础研究发展规划 973项目 (2 0 0 1CB3 0 940 3 )资助
关键词 入侵检测 信息融合 网络安全 贝叶斯网络 目标树 intrusion detection information fusion computer network security bayesian network goal-tree
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献14

  • 1White F. A model for data fusionCC3. SPIE Conference on Sensor Fusion Orlando,FL. April, 1988.
  • 2Julia Allen, Alan Christie, William Fithen,John McHugh,Jed Pickel, Ed Stoner. State of the practice of intrusion detection technologies[R]. Networked Systems Survivability Program,Technical Report CMU/SEI-99-TR-028 ESC-99-028.
  • 3Stephen Northcutt network intrusion detection: an analyst's handbook[M]. New Riders Publishing,1999.
  • 4Stephanie Forrest Stevan A. Hofmer. A sense of self for unix processes[C]. Proceedings of the 1996 IEEE Symposium on Security and Rivacy, 120- 128.
  • 5Wenke Lee,Salvatore and ]. Stolf data mining approaches for intrusion detection[C].In :Proceedings of the 7thUSENIX Security Symposim, 1998.
  • 6Tamaru A,Gilham F,Jagannathan R,et al. A real-time intrusion detection expert system(IDES) [Z]. SRI-CSL-92-05 1992-04.
  • 7Fox K L,Henning R R, Reed J H, et al. A neural network approach toward intrusion detection[C].In : Proceedings of the 13th National Computer Security Conference, 1990,10.
  • 8Porras P. Kemmerer R. Penetration state transition analysis -a rule based intrusion detection approach[C].In:Proceedings of the Eight Annual Computer Security Application Conference, 1992.220-229.
  • 9Ming-Yuh Huang,Robert J.Jasper.A large scale distributed intrusion detection framework based on attack strategy analysis[]]. Computer Networks 1999,31. 2465-2475.
  • 10Tim Bass Intrusion Detection System -. Multisensor Data Fusion:Create Cyberspace Situational Awareness[J]. Communication of the ACM. 2000,43(4) ,99-105.

同被引文献40

引证文献9

二级引证文献50

小型微型计算机系统
2003年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部