| 基于误用检测与异常行为检测的整合模型 |
| |
| 引用本文: | 谢红,刘人杰,陈纯锴.基于误用检测与异常行为检测的整合模型[J].重庆邮电大学学报(自然科学版),2012,24(1):73-77. |
| |
| 作者姓名: | 谢红 刘人杰 陈纯锴 |
| |
| 作者单位: | 哈尔滨工程大学信息与通信工程学院,黑龙江哈尔滨,150001 |
| |
| 基金项目: | 哈尔滨工程大学硕士研究生培养基金 |
| |
| 摘 要: | 针对入侵检测中普遍存在检测率低与误报过高的问题,采用基于多维-隐马尔可夫模型的检测方法和基于Apriori算法的误用检测技术相结合的入侵检测系统(intrusion detection system,IDS)模型.新模型减少了单纯使用某种入侵检测技术时的漏报率和误报率,同时在异常检测模块中采用了隐马尔可夫与简单贝叶斯分...
|
| 关 键 词: | 入侵检测 误用检测 异常行为 |
| 收稿时间: | 2011/6/17 0:00:00 |
An integrated model based on misuse detection and anomaly behavior detection |
| |
| XIE Hong,LIU Ren-jie,CHEN Chun-kai.An integrated model based on misuse detection and anomaly behavior detection[J].Journal of Chongqing University of Posts and Telecommunications,2012,24(1):73-77. |
| |
| Authors: | XIE Hong LIU Ren-jie CHEN Chun-kai |
| |
| Institution: | College of Information and Communication Engineering, Harbin Engineering University, Harbin 150001, P.R.China |
| |
| Abstract: | Aimed at low detection rate and high false positive rate problems which are widespread in intrusion detection system, an intrusion detection system (IDS) model was combined by the detection method based on multi-dimensional-hidden Markov model and misuse detection technology based on Apriori algorithm. The false negative rate and false positive rate were reduced by the new model when a simple intrusion detection technology was used, meanwhile, a new detection method which was integrated by Hidden Markov and simple Bayesian classifier in the anomaly detection module was put to use, multi-dimensional sequence which has time correlation was dealt with by it, thereby it enhanced system security and detection efficiency. Result evaluations by using KDD Cup99 data sets show that: detection rate of new model systems is 93.12%, false positive rate is 0.46%, and it can detect intrusion behavior of network data effectively. |
| |
| Keywords: | intrusion detection misuse detection anomaly behavior |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《重庆邮电大学学报(自然科学版)》浏览原始摘要信息 |
| 点击此处可从《重庆邮电大学学报(自然科学版)》下载免费的PDF全文 |
|
