| 基于系统行为分析的异常检测技术研究 |
| |
| 引用本文: | 周彬彬,崔宝江,杨义先.基于系统行为分析的异常检测技术研究[J].电信科学,2009,25(2). |
| |
| 作者姓名: | 周彬彬 崔宝江 杨义先 |
| |
| 作者单位: | 北京邮电大学,北京,100876 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划) |
| |
| 摘 要: | 本文介绍了入侵检测系统中的行为分析技术.针对HIDS异常检测技术中的静态行为分析技术和动态行为分析技术的技术原理、发展历史、研究现状和应用效果进行了分析,尤其对系统行为分析方法进行了重点分析.最后对基于行为分析技术的HIDS的发展趋势进行了展望,总结了HIDS目前的研究进展和在今后应当主要关注的问题.
|
| 关 键 词: | 网络安全 异常检测 静态行为分析 动态行为分析 系统调用序列 |
Research About System-behavior-based Anomaly Detection Technologies |
| |
| Zhou Binbin,Cui Baojiang,Yang Yixian.Research About System-behavior-based Anomaly Detection Technologies[J].Telecommunications Science,2009,25(2). |
| |
| Authors: | Zhou Binbin Cui Baojiang Yang Yixian |
| |
| Affiliation: | Beijing University of Posts and Telecommunications;Beijing 100876;China |
| |
| Abstract: | This paper gives an overview of different kinds of behavior-based anomaly detection technologies. It compares two classes of IDS-HIDS and NIDS, introduces the role of HIDS in Internet security and the classification of technologies it adopts. After that, it describes both static analysis technologies of HIDS anomaly detection by explaining their basic concepts, development and effects, with a focus on system-behavior based methods. At last, this paper concludes the current situation, future hot topics and p... |
| |
| Keywords: | HIDS |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
