| 基于隐马尔可夫的系统入侵检测方法 |
| |
| 引用本文: | 睢丹,姚亚辉.基于隐马尔可夫的系统入侵检测方法[J].微计算机信息,2007,23(18):73-75. |
| |
| 作者姓名: | 睢丹 姚亚辉 |
| |
| 作者单位: | 455000,河南安阳,安阳师范学院网络中心 |
| |
| 摘 要: | 针对入侵检测中普遍存在误报与漏报过高的问题,本文提出一种新的基于隐马尔可夫模型的系统入侵检测方法。该方法以程序正常执行过程中产生的系统调用序列为研究对象,首先建立计算机运行状况的隐马尔可夫模型,然后在此模型的基础上提出一个用于计算机系统实时异常检测的算法。实验证明,用这种方法建模的系统在不影响检测率的情况下,比传统的数据建设模节省存储空间,并且准确率高。
|
| 关 键 词: | 入侵检测 异常检测 隐马尔可夫模型(HMM) |
| 文章编号: | 1008-0570(2007)06-3-0073-03 |
| 修稿时间: | 2007-05-03 |
The Method to Network Intrusion Detection Based on HMM Model |
| |
| SUI DAN,YAO YAHUI.The Method to Network Intrusion Detection Based on HMM Model[J].Control & Automation,2007,23(18):73-75. |
| |
| Authors: | SUI DAN YAO YAHUI |
| |
| Affiliation: | Anyang Teacher College Network Center, Anyang, Henan 455000 |
| |
| Abstract: | To solving the problem of high ratio of false alarm and self- adaptation, this paper proposes a new method to network in- trusion detection based on HMM model. This method first research the system call serial in the normal application of the program to found a HMM for the normal behavior of computer system and to bring forward an algorithm of anomaly detection. It is proved that this method increases the rate of accuracy and save more storage space without affecting the detection rate. |
| |
| Keywords: | intrusion detection anomaly detection hidden markov model(HMM) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
