首页 | 本学科首页   官方微博 | 高级检索  
     

基于改进隐马尔可夫模型的网络攻击检测方法
引用本文:杨晓峰,孙明明,胡雪蕾,杨静宇.基于改进隐马尔可夫模型的网络攻击检测方法[J].通信学报,2010,31(3):95-101.
作者姓名:杨晓峰  孙明明  胡雪蕾  杨静宇
作者单位:南京理工大学计算机系,江苏南京,210094
基金项目:江苏省"六大人才高峰"资助项目 
摘    要:提出了一种基于改进隐马尔可夫模型的网络攻击检测方法.正常的网络行为符合一定的语法规则,异常的行为会偏离正常的语法规则.通过对正常行为样本的学习得到的基于隐马尔可夫模型的语法可以根据网络行为和语法的符合程度有效地检测正常行为和攻击行为.在基于现实数据的实验测试中,得到了比较好的检测性能.

关 键 词:网络安全  网络攻击  入侵检测  隐马尔可夫模型  语法推断

Improved HMM model based method for detecting cyber attacks
YANG Xiao-feng,SUN Ming-ming,HU Xue-lei,YANG Jing-yu.Improved HMM model based method for detecting cyber attacks[J].Journal on Communications,2010,31(3):95-101.
Authors:YANG Xiao-feng  SUN Ming-ming  HU Xue-lei  YANG Jing-yu
Affiliation:YANG Xiao-feng,SUN Ming-ming,HU Xue-lei,YANG Jing-yu (Department of Computer Science,Nanjing University of Science , Technology,Nanjing 210094,China)
Abstract:An improved HMM model based method for detecting cyber attacks was proposed. Normal network behaviors followed a regular grammar, while anomalies deviated the normal grammar. Grammar model represented by HMM model trained with normal network behavior samples easily distinguished normal and malicious requests by their contrasting conforming degrees. A significantly improved performance was achieved in real data tests compared with other anomaly methods.
Keywords:network security  cyber attack  intrusion detection  HMM model  grammar inference
本文献已被 CNKI 万方数据 等数据库收录!
点击此处可从《通信学报》浏览原始摘要信息
点击此处可从《通信学报》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号