| 基于风险管理的入侵检测数据采样策略模型 |
| |
| 引用本文: | 朱卫未,王卫平,陈文惠.基于风险管理的入侵检测数据采样策略模型[J].系统工程与电子技术,2007,29(4):647-650. |
| |
| 作者姓名: | 朱卫未 王卫平 陈文惠 |
| |
| 作者单位: | 1. 南京邮电大学经济与管理学院,江苏,南京,210003
2. 中国科学技术大学管理学院,安徽,合肥,230052 |
| |
| 摘 要: | 基于网络的入侵检测系统通过详细分析计算机网络中传输的网络数据包进行入侵检测,由于检测速率与数据包采集速率不匹配,以及检测所需成本的限制,在收集用于检测的网络数据包时必须选择有效的采样策略。引入了博弈模型框架上的原始入侵数据包采样策略,在此基础上再进行分析和扩展。同时,讨论了原有单一采样策略的不足,引入风险管理的思想并通过具体的实例来分析在不同风险情况下的策略选择问题。
|
| 关 键 词: | 入侵检测 采样策略 博弈理论方法 风险管理 |
| 文章编号: | 1001-506X(2007)04-0647-04 |
| 修稿时间: | 2006年3月11日 |
Network packet sampling strategy model of intrusion detection based on risk management approach |
| |
| ZHU Wei-wei,WANG Wei-ping,CHEN Wen-hui.Network packet sampling strategy model of intrusion detection based on risk management approach[J].System Engineering and Electronics,2007,29(4):647-650. |
| |
| Authors: | ZHU Wei-wei WANG Wei-ping CHEN Wen-hui |
| |
| Abstract: | Intrusion detection is an important part of the information security research,and the network-based intrusion detection system accomplishes the detection by examining network packets.Since sampling entails incurring network costs for real-time packet sampling and packet examination hardware,a network packet sampling strategy is developed to detect network intrusions effectively while not exceeding the velocity of the packet examination.This problem is considered in a game theoretic framework and a sampling scheme that is optimal in game theory setting by the Minimax theorem and the max-flow min-cut theorem is developed.The method of risk management is also introduced and the solution is extend to more complex cases to solve the choice of sampling strategy while facing more various environments. |
| |
| Keywords: | intrusion detection sampling strategy game theory approach risk management |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
