| 基于流量分析的入侵检测系统研究 |
| |
| 引用本文: | 陈健,张亚平,李艳.基于流量分析的入侵检测系统研究[J].天津理工大学学报,2004,20(2):86-88. |
| |
| 作者姓名: | 陈健 张亚平 李艳 |
| |
| 作者单位: | 天津出入境边防检查总站,天津,300300 |
| |
| 摘 要: | 随着网络技术发展,信息系统的安全性日益成为政府、企业及事业部门越来越关注的重大问题,保障信息系统的安全性已经成为迫切的需要.现有的网络安全系统多采用基于规则入侵检测技术,因而误报率较高;本文根据对边检入侵检测系统测量分析的基础上提出基于流量的边检入侵检测系统,通过量化分析来预测入侵和DDOS攻击,从而保证网络的安全性.
|
| 关 键 词: | 入侵检测 异常检测 流量分析 并行计算 |
| 文章编号: | 1004-2261(2004)02-0086-03 |
| 修稿时间: | 2003年8月29日 |
An intrusion detection system based on flow analysis |
| |
| CHEN Jian,ZHANG Ya-ping,LI Yan.An intrusion detection system based on flow analysis[J].Journal of Tianjin University of Technology,2004,20(2):86-88. |
| |
| Authors: | CHEN Jian ZHANG Ya-ping LI Yan |
| |
| Abstract: | Intrusion detection is a focus of current research. Anomaly detection techniques have been devised to address the limitations of misuse detection approaches for intrusion detection with the model of normal behaviors. A Self-Similar is a useful tool to model sequence information, an optimal modeling technique to minimize false-positive error while maximizing detection rate, but too complex and inefficient. This paper proposes an effective flow analysis intrusion detection system that improves the modeling time and performance by only considering the transition flows. Experimental results show that training with the proposed method is significantly faster than the conventional method trained with all data, without loss of detection performance. |
| |
| Keywords: | intrusion detection anomaly detection flow analysis parallel computing |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
