| 基于分层抽样的入侵检测方法 |
| |
| 引用本文: | 林龙涛,贾小珠,任厚来.基于分层抽样的入侵检测方法[J].青岛大学学报(自然科学版),2007,20(1):78-81. |
| |
| 作者姓名: | 林龙涛 贾小珠 任厚来 |
| |
| 作者单位: | 青岛大学,信息工程学院,青岛,266071 |
| |
| 摘 要: | 将分层抽样理论应用于网络入侵检测。通过统计网络数据包负载字段中的字节分布规律,得到数据包异常的度量,将此度量作为分层特征参数,用以从总体中抽取出有价值的样本。建立了基于Mahalanobis距离的异常检测模型对样本进行检测。实验结果表明,采用DARPA 1999年IDS评测数据集,在选定的97个待检测的攻击实例中,当保证误报率低于19/6时,本方法可以达到50%以上的检测准确率。
|
| 关 键 词: | 入侵检测 高速网络 分层抽样 异常检测 |
| 文章编号: | 1006-1037(2007)01-0078-04 |
| 收稿时间: | 2006-11-15 |
| 修稿时间: | 2006-11-15 |
Method of network Intrusion Detection Based on Stratified Sampling |
| |
| LIN Long-tao,JIA Xiao-zhu,REN Hou-lai.Method of network Intrusion Detection Based on Stratified Sampling[J].Journal of Qingdao University(Natural Science Edition),2007,20(1):78-81. |
| |
| Authors: | LIN Long-tao JIA Xiao-zhu REN Hou-lai |
| |
| Institution: | College of Information Engineering, Qingdao University, Qingdao 266071, China |
| |
| Abstract: | A technique of network intrusion detection based on stratified sampling theory was presented.The packets' anomalous level is obtained according to its payload bytes distribution,which is used as stratified parameter to filter valuable samples from the total.By using Mahalanobis method every sample was detected.Results show that this method can attain above 50% accurate rate with below 1% false rate in 97 specified attacking cases from DARPA 1999 IDS evaluation dataset. |
| |
| Keywords: | intrusion detection high-speed network stratified sampling anomalous detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
