| 基于系统调用的异常入侵检测研究 |
| |
| 引用本文: | 刘雪飞,马恒太,张秉权,吴伯桥,蒋建春,文伟平. 基于系统调用的异常入侵检测研究[J]. 计算机工程与应用, 2004, 40(17): 40-43 |
| |
| 作者姓名: | 刘雪飞 马恒太 张秉权 吴伯桥 蒋建春 文伟平 |
| |
| 作者单位: | 南京理工大学计算机系,南京,210096;中科院信息安全技术工程研究中心,北京,100080;中科院信息安全技术工程研究中心,北京,100080;中科院软件所,北京,100080;南京理工大学计算机系,南京,210096;湖南信息技术职业学院计算机系,长沙,610200 |
| |
| 基金项目: | 国家自然科学基金项目(编号:60083007),国家863高技术研究发展计划项目(编号:2003AA144030),国家973重点基础研究发展规划项目(编号:G1999035810),中科院软件所基础课题研究基金项目(编号:CXK45634) |
| |
| 摘 要: | 基于时序、频率等特性,系统调用序列已成为基于主机的入侵检测系统重要的数据源之一。通过分析系统调用序列来判断入侵事件,具有准确性高、误警率低和稳定性好等优点,目前,国际上在这方面的研究主要集中在如何设计有效的检测算法以提高检测效果。该文对目前国际上基于系统调用的异常入侵检测方面的研究进展进行了总结,对主要的检测技术进行了详细讨论和分析。
|
| 关 键 词: | 系统调用 异常入侵检测 时间特性 频率特性 |
| 文章编号: | 1002-8331-(2004)17-0040-04 |
Anomaly Detection Research Based on System Calls |
| |
| Liu Xuefei , Ma Hengtai , Zhang Bingquan Wu Baiqiao Jiang Jianchun , Wen Weip ing . Anomaly Detection Research Based on System Calls[J]. Computer Engineering and Applications, 2004, 40(17): 40-43 |
| |
| Authors: | Liu Xuefei Ma Hengtai Zhang Bingquan Wu Baiqiao Jiang Jianchun Wen Weip ing |
| |
| Affiliation: | Liu Xuefei 1,2 Ma Hengtai 2,3 Zhang Bingquan 1 Wu Baiqiao 4 Jiang Jianchun 2,3 Wen Weip ing 2,31 |
| |
| Abstract: | System calls have already became an important data source of hosts-based intrusion detection system based on its sequential and frequency characteristics.The method whether an event is intrusion through analyzing system calls,has the virtues of high accuracy,low false fault and good stability and so on.At present ,the international research mainly focuses on how to design effective detection algorithms for improving detective effect.This paper summarizes the research progress of anomaly detection based on system calls,discusses and analyzes its main detection technology in detail. |
| |
| Keywords: | system call anomaly intrusion detection time characteristic frequency characteristic |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
