| 基于隐马尔可夫模型的无线局域网媒体接入控制层入侵检测方法 |
| |
| 引用本文: | 李金铃,周颢,赵保华.基于隐马尔可夫模型的无线局域网媒体接入控制层入侵检测方法[J].西安交通大学学报,2009,43(12). |
| |
| 作者姓名: | 李金铃 周颢 赵保华 |
| |
| 作者单位: | 中国科学技术大学计算机科学与技术系,230027,合肥;网络与交换技术国家重点实验室安徽省计算与通讯软件重点实验室,230027,合肥 |
| |
| 基金项目: | 国家自然科学基金资助项目,国家高技术研究发展计划资助项目,安 徽省自然科学研究计划重大项目 |
| |
| 摘 要: | 将无线局域网媒体接入控制(MAC)层字段作为检测入侵的分析对象,提出了基于隐马尔可夫模型(HMM)的无线局域网MAC层入侵检测方法.采用了基于控制台、服务器、代理的3层分布式无线局域网入侵检测框架;基于HMM模型对无线局域网的MAC帧头部进行建模;利用正常的无线局域网络数据对HMM进行训练,并记忆正常系统下的数据包行为.由此,检测发现了出现概率小的数据包或数据包序列,并制定了入侵检测阈值.试验结果表明,所提方法对已有的无线局域网MAC层攻击的误报率和漏报率比较低,并能检测未知攻击.
|
| 关 键 词: | 无线局域网 入侵检测 隐马尔可夫模型 |
Intrusion Detection Method of Wireless Local Area Network MAC Layer Based on Hidden Markov Model |
| |
| LI Jinling,ZHOU Hao,ZHAO Baohua.Intrusion Detection Method of Wireless Local Area Network MAC Layer Based on Hidden Markov Model[J].Journal of Xi'an Jiaotong University,2009,43(12). |
| |
| Authors: | LI Jinling ZHOU Hao ZHAO Baohua |
| |
| Abstract: | The packet field of wireless local area network(WLAN)medium access control (MAC)layer is taken for the analytical object of detecting intrusion.An intrusion detection method of WLAN MAC layer iS proposed based on the hidden Markov model(HMM).A three layers frame including console,server and agents is given;the data of WLAN MAC layer is used to model the HMM:then the normal data of WLAN iS used to train the HMM and to memorialize the normal action of WLAN.An intrusion will be detected when the occuring probability of a packet data or a sequence of packet data is smaller than a given threshold.Experimental results show that the proposed method has low false positive rate and missing report rate when detecting the known attacks on WLAN MAC layers,and also detects unknown attacks. |
| |
| Keywords: | wireless local area network intrusion detection hidden Markov model |
| 本文献已被 万方数据 等数据库收录! |
