| 基于分层检测的协同攻击检测技术研究 |
| |
| 引用本文: | 经小川,刘克强,胡昌振.基于分层检测的协同攻击检测技术研究[J].科技导报(北京),2005,23(4):4-7. |
| |
| 作者姓名: | 经小川 刘克强 胡昌振 |
| |
| 作者单位: | 北京理工大学信息安全与对抗技术研究中心,北京,100081;首都经济贸易大学信息学院,北京,100071 |
| |
| 摘 要: | 协同攻击的复杂性使传统检测方法难以对其进行有效的检测。在对协同攻击行为的层次性和关联性的分析基础上,将协同攻击行为划分为基于时间的行为和基于空间的行为,结合适当的攻击表达方法,提出一种应用于网络协同攻击的检测方法,并详细介绍了该方法的特点和应用方式。
|
| 关 键 词: | 入侵检测系统 时序检测 功能检测 |
| 文章编号: | 1000-7857(2005)04-0004-04 |
| 修稿时间: | 2005年3月1日 |
A STUDY ON COORDINATED ATTACK DETECTION BASED ON DELAMINATION |
| |
| JING Xiao-chuan,LIU Ke-qiang,HU Chang-zhen.A STUDY ON COORDINATED ATTACK DETECTION BASED ON DELAMINATION[J].Science & Technology Review,2005,23(4):4-7. |
| |
| Authors: | JING Xiao-chuan LIU Ke-qiang HU Chang-zhen |
| |
| Abstract: | For the complexity of coordinated attacks, it is difficult to detect them efficiently by using the traditional methods such as misuse detection and anomaly detection. Based on the research work on the hiberarchy and reciprocity of attack behaviors, a solution for detecting coordinated attack with the conditional association and temporal method was suggested. A kind of attack representation that suitable to association analysis has been introduced. |
| |
| Keywords: | Intrusion Detection System(IDS) temporal detection conditional detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
