| 一种混合式网络入侵检测系统 |
| |
| 引用本文: | 孙云,黄皓.一种混合式网络入侵检测系统[J].计算机工程,2008,34(9):164-166. |
| |
| 作者姓名: | 孙云 黄皓 |
| |
| 作者单位: | 南京大学软件新技术国家重点实验室,南京,210093 |
| |
| 基金项目: | 江苏省高技术研究发展计划项目 |
| |
| 摘 要: | 入侵检测系统通常采用单一的检测模式,难以有效地处理漏报和误报问题。该文分析不同类型网络流量的分布特征,提出一种将异常检测和误用检测相结合的混合式网络入侵检测系统,从总体上克服了单一模式的不足。实验结果表明,该方法能有效地提高入侵检测系统的检测率和准确率。
|
| 关 键 词: | 入侵检测 异常检测 误用检测 混合式入侵检测 |
| 文章编号: | 1000-3428(2008)09-0164-03 |
| 修稿时间: | 2007年5月30日 |
Hybrid Network Intrusion Detection System |
| |
| SUN Yun,HUANG Hao.Hybrid Network Intrusion Detection System[J].Computer Engineering,2008,34(9):164-166. |
| |
| Authors: | SUN Yun HUANG Hao |
| |
| Affiliation: | (National Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093) |
| |
| Abstract: | Intrusion Detection System(IDS) has been harassed by false positive and false negative problem. Common IDS using single detection mode is hard to solve this problem effectively. This paper analyzes the characteristics of network flow and presents a new method, called hybrid IDS, combining misuse detection mode and anomaly detection mode, the method can overcome the shortcomings of IDS using single mode. Experiments show that the new method can improve IDS detection rate and decrease false alerts effectively. |
| |
| Keywords: | intrusion detection anomaly detection misuse detection hybrid intrusion detection |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
