| 基于关系事件的网络复杂攻击检测技术研究 |
| |
| 引用本文: | 周建成,宋曦轮.基于关系事件的网络复杂攻击检测技术研究[J].科技导报(北京),2005,23(12):44-46. |
| |
| 作者姓名: | 周建成 宋曦轮 |
| |
| 作者单位: | 中国工程物理研究院化工材料研究所,四川,绵阳,621900;中国工程物理研究院化工材料研究所,四川,绵阳,621900 |
| |
| 摘 要: | 应用传统的入侵检测方法无法实现对网络复杂攻击的检测,传统检测算法的重点在于观测独立事件或独立用户的行为特征,缺乏对事件之间相互作用关系的考量和分析,而复杂攻击可供检测的显性特征就在于事件间的关联特征.提出了一种基于复杂攻击子事件和子事件关系的检测方法,通过复杂攻击的检测范例,证明了该方法的有效性.
|
| 关 键 词: | 复杂攻击 离散事件 入侵检测 |
| 文章编号: | 1000-7857(2005)12-0044-03 |
| 收稿时间: | 2005-10-20 |
| 修稿时间: | 2005年10月20 |
Study on Detection Technology of Complicated Network Attack Based on Related-Event |
| |
| ZHOU Jian-cheng, SONG Xi-lun.Study on Detection Technology of Complicated Network Attack Based on Related-Event[J].Science & Technology Review,2005,23(12):44-46. |
| |
| Authors: | ZHOU Jian-cheng SONG Xi-lun |
| |
| Institution: | Institute of Chemical Materials, China Academy of Engineering Physics,Mianyang 621900, Sichuan Province, China |
| |
| Abstract: | It is unrealistic to detect complicated network attacks based on traditional intrusion detection methods (TIDM) because of the TIDM algorithms emphasis on observing behaviors of independent event, which appears to be lack of the analysis of the interplay among events. The detection method based on relations among sub-events in complicated network attacks has been put forward in this paper. The example shows that method which are designed in this system can effectively detect the attacks. |
| |
| Keywords: | complicated network attacks discrete events intrusion detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
