| 入侵检测的规划识别模型研究 |
| |
| 引用本文: | 李家春,李芝棠.入侵检测的规划识别模型研究[J].华中科技大学学报(自然科学版),2004,32(3):80-82. |
| |
| 作者姓名: | 李家春 李芝棠 |
| |
| 作者单位: | 华中科技大学,计算机科学与技术学院,湖北,武汉,430074 |
| |
| 基金项目: | 国家信息安全应急计划资助项目 (86 3 30 1 0 6 0 1),国信安办资助项目 (2 0 0 1 研 1 0 0 4 ),武汉市科技计划基金资助项目 (2 0 0 10 1111) . |
| |
| 摘 要: | 将AI领域中的规划概念引入入侵检测,建立了入侵检测的规划识别模型,采用因果告警关联分析和贝叶斯网推理模型实现规划识别,以找回因入侵检测自身的检测策略不足和网络覆盖范围漏洞而丢失的关键告警,重新构建了实际的攻击场景,并能预测攻击者的下一步行为或攻击意图,从而起到了提前预警的作用.
|
| 关 键 词: | 入侵检测 规划 规划识别 虚拟告警 贝叶斯网 |
| 文章编号: | 1671-4512(2004)03-0080-03 |
| 修稿时间: | 2003年8月27日 |
The model of plan recognition for intrusion detection |
| |
| Li Jiachun Li Zhitang Li Jiachun Doctoral Candidate, College of Computer Sci. & Tech.,Huazhong Univ. of Sci. & Tech.,Wuhan ,China..The model of plan recognition for intrusion detection[J].JOURNAL OF HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY.NATURE SCIENCE,2004,32(3):80-82. |
| |
| Authors: | Li Jiachun Li Zhitang Li Jiachun Doctoral Candidate College of Computer Sci & Tech Huazhong Univ of Sci & Tech Wuhan China |
| |
| Institution: | Li Jiachun Li Zhitang Li Jiachun Doctoral Candidate, College of Computer Sci. & Tech.,Huazhong Univ. of Sci. & Tech.,Wuhan 430074,China. |
| |
| Abstract: | The notion "plan" in AI (Artificial Intelligence) was introduced to intrusion detection. The model of plan recognition for intrusion detection by using alert correlation analysis was built based on prerequisites and consequences of intrusions and Bayesian Network inference model. As a result, missed key alerts caused by weaknesses in IDS detection policies and holes in IDS network coverage were gotten back, real attack scenarios were reconstructed, future action or intrusion intention was predicted ,and appropriate responses to their actions were planned. |
| |
| Keywords: | intrusion detection plan plan recognition virtual alert Bayesian Network |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
