| 对象监控的协同入侵检测 |
| |
| 引用本文: | 滕少华,伍乃骐,张巍,傅秀芬. 对象监控的协同入侵检测[J]. 中山大学学报(自然科学版), 2008, 47(6) |
| |
| 作者姓名: | 滕少华 伍乃骐 张巍 傅秀芬 |
| |
| 作者单位: | 广东工业大学,计算机学院,广东,广州510006 |
| |
| 基金项目: | 国家自然科学基金,广东省自然科学基金,广州市越秀区科技计划 |
| |
| 摘 要: | 分析现有入侵检测技术存在的问题,主要在于数据的获取及检测方法上。据此,提出了一种解决这些问题的新途径,就是紧紧抓住入侵检测的本质问题,从对象分类入手,给出了一个协同入侵检测模型,描述了该模型的各个部件。设计了入侵事件检测代理及融合中心,重点阐述了如何应用场景与自动机技术,将检测一个入侵的方法扩展到检测一类入侵的问题,对可序列化的攻击,文章提出的检测方法能检测其变种攻击。实验检验了方法的有效性。
|
| 关 键 词: | 对象 入侵检测 状态转换 场景 融合 |
| 收稿时间: | 2008-09-10; |
Cooperative Intrusion Detection Based on Object Monitoring |
| |
| TENG Shao-hua,WU Nai-qi,ZHANG Wei,FU Xiu-fen. Cooperative Intrusion Detection Based on Object Monitoring[J]. Acta Scientiarum Naturalium Universitatis Sunyatseni, 2008, 47(6) |
| |
| Authors: | TENG Shao-hua WU Nai-qi ZHANG Wei FU Xiu-fen |
| |
| Affiliation: | (School of Computer, Guangdong University of Technology, Guangzhou 510006, China) |
| |
| Abstract: | In order to solve some present problems for intrusion detection, this text makes an attempt. With the help of O R M C (Object, Result, Mechanism, Characteristic) classification, we give a model of cooperative intrusion detection and show its components and architecture. Detection agents for intrusion events and fusion center have been designed in the paper. Specially, basing on scenario and automata, we implement to detect a known attack and attacks of its varieties. At last, the detect method is verified by experiments. |
| |
| Keywords: | object intrusion detection state transition scenario fusion |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《中山大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《中山大学学报(自然科学版)》下载全文 |
|
