| 一种时间场景识别算法及其在安全报警熔合中的应用 |
| |
| 引用本文: | 徐辉,冯晋雯,潘爱民.一种时间场景识别算法及其在安全报警熔合中的应用[J].北京大学学报(自然科学版),2005,41(3):448-459. |
| |
| 作者姓名: | 徐辉 冯晋雯 潘爱民 |
| |
| 作者单位: | 北京大学计算机科学技术研究所信息安全研究室,北京,100871 |
| |
| 摘 要: | 提出了一种基于时间场景识别的安全报警熔合算法。该算法将已知的攻击模式定义成时间场景模型来处理在线或离线的报警流。算法同时完成报警聚合以及报警关联两个工作,并且采用基于时间推理的方法来预处理场景模型,从而使识别过程具有较高的效率。
|
| 关 键 词: | 报警熔合 报警聚合 报警关联 时间场景 时间约束图 |
| 收稿时间: | 2003-12-22 |
A Novel Temporal Scenario Recognition Algorithm and Its Application in Intrusion Detection Alert Fusion |
| |
| XU Hui,Feng Jinwen,PAN Aimin.A Novel Temporal Scenario Recognition Algorithm and Its Application in Intrusion Detection Alert Fusion[J].Acta Scientiarum Naturalium Universitatis Pekinensis,2005,41(3):448-459. |
| |
| Authors: | XU Hui Feng Jinwen PAN Aimin |
| |
| Institution: | Institute of Computer Science and Technology, Peiking University, Beijing, 100871 |
| |
| Abstract: | A security alert fusion algorithm based on temporal scenario recognition is proposed. Known attack patterns are defined into temporal scenario models to process online or offline alert flow. Alert aggregation and alert correlation are performed simultaneously in the recognition procedure. Methods based on temporal reasoning are adopted to preprocess temporal scenario models, giving the recognition algorithm a high efficiency. |
| |
| Keywords: | alert fusion alert aggregation alert correlation temporal scenario temporal constraint graph |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《北京大学学报(自然科学版)》浏览原始摘要信息 |
| 点击此处可从《北京大学学报(自然科学版)》下载免费的PDF全文 |
