| 降低入侵检测误报率的研究 |
| |
| 作者单位: | 山东轻工业学院金融职业学院 |
| |
| 摘 要: | 采用单包分析技术的网络入侵检测系统常具有较高的误报率,影响其实用性。本文通过对入侵检测系统误报产生原因的分析,提出了应该从整体上理解入侵过程并且针对具体环境进行分析的思想,设计实现了警报决策系统,在保证检测率的同时,有效地降低了入侵检测系统的误报率。
|
| 关 键 词: | 入侵检测 Snort 数据挖掘 减少误报 |
The Research and realization of Honeypot system under the Windows platform |
| |
| Authors: | Zhang Lu |
| |
| Abstract: | In the network intrusion detection system (NIDS),the single packet analyzing technique is utilized,which leads to high rate of false alarm. In the paper,through the analysis of the fact that cause the false positive in intrusion detection system,I proposes the thought that it should comprehend the inbreak course in whole and aim at concrete environment to analyze.Base on this thought,I design and realize the alarm decision system. The gained experiment data show that the alarm decision system can effectively lower the false positive rate of intrusion detection system without affecting detection rate. |
| |
| Keywords: | Intrusion Detection Snort Data Mining False Alarm Reduction |
| 本文献已被 CNKI 等数据库收录! |
|
