| 复合式入侵检测方法的研究 |
| |
| 引用本文: | 袁薇,曹作良,朱辉.复合式入侵检测方法的研究[J].天津理工大学学报,2007,23(1):63-65. |
| |
| 作者姓名: | 袁薇 曹作良 朱辉 |
| |
| 作者单位: | 天津理工大学,机械工程学院,天津,300191 |
| |
| 摘 要: | 所提出的复合式入侵检测算法是基于行为建模算法和模式匹配算法两种入侵检测算法的有效结合,其中行为建模算法扩展了基于异常的入侵检测算法,而模式匹配算法完全实现了基于特征的入侵检测算法.自适应的行为建模算法根据用户的行为和程序的行为建立合法的行为模板,而不需要任何人工干预.两种入侵检测算法能够有效的降低误报率的发生.采用Servlet Filter技术的安全代理是一个具有一定入侵分析功能的智能插件.
|
| 关 键 词: | 入侵检测 行为建模 模式匹配 |
| 文章编号: | 1673-095X(2007)01-0063-03 |
| 收稿时间: | 2006-11-22 |
| 修稿时间: | 2006年11月22 |
Innovation to hybrid intrusion detection methodology |
| |
| YUAN Wei,CAO Zuo-liang,ZHU Hui.Innovation to hybrid intrusion detection methodology[J].Journal of Tianjin University of Technology,2007,23(1):63-65. |
| |
| Authors: | YUAN Wei CAO Zuo-liang ZHU Hui |
| |
| Institution: | School of Mechnical Engineering, Tianjin University of Technology, Tianjin 300191, China |
| |
| Abstract: | The hybrid intrusion detection algorithm proposed here is based on the effective integration of behavior modeling and pattern matching,where behavior modeling extends anomaly-based intrusion detection algorithm and pattern matching implements signature-based intrusion detection algorithm.The adoption of self-learning behavior modeling has the capability to determine the legitimate profiles according to user activities or program activities without any intervention of human security expert.The combination of the two intrusion technologies has dramatically reduced false positive and false negative alarms.A Servlet Filter-based security agent is an intelligent plugin with the basic ability of intrusion analysis. |
| |
| Keywords: | intrusion detection behavior modeling pattern matching |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
