2Anderson J P. Computer Security threat monitoring and surveillance[R]. Technology Report, James P Anderson Co., Fort Washington, Pennsylvanin, 1980.
3Canndy J. Artificial neural network for misuse detection[J]. Proceeding of the 1998 National Information System Security Conference (NI-SSC' 98), 1998, (10): 5-8: 443-456.
4Steven A H. An immunological model of distributed detectionand its application to computer security[D]. [s.l]: University of New Mexico, 1999.
5Wenke Lee, Stolfo S J, Mok K W. A Data Mining Framework for Building Intrusion Detection Model[C]. Proceedings of the 1999 IEEE Symposium on Security and Privacy, 1999.
6Pawlak Z. Vagueness and uneertainty-a rough set perspective [J]. Computational Intelligence, 1995, 11 (2): 227-232.
7Horspool R N. Practical fast searching in strings[J]. Software Practice & Experience, 1980,10(6):501~506
8Sunday D M. A very fast substring search algorithm[J]. Communications of the ACM,1990,33(8):132~142
9Ilgun K,Kemmerer R A, Porras P A. State transition analysis: a rule-based intrusion detection approach[J]. Software Engineering IEEE Transactions ,1995, 21(3):181~199
10Kunth D E,Morris(Jr) J H,Pratt VR. Fast pattern matching in strings[J]. SIAM Journal on Computing,1977,6(1):323~350