| 一种流异常自动检测系统的研究与实现 |
| |
| 引用本文: | 孙敏.一种流异常自动检测系统的研究与实现[J].计算机工程与应用,2005,41(15):160-165. |
| |
| 作者姓名: | 孙敏 |
| |
| 作者单位: | 山西大学计算机与信息技术学院太原030006 |
| |
| 基金项目: | 山西省自然科学基金项目(编号:20011031) |
| |
| 摘 要: | 该文通过分析网络入侵检测的现状,给出了现有网络入侵检测技术的局限性,尤其针对现有网络流定性分析安全技术的不足,在分析了网络流的变化规律的基础上,指出可以利用网络流的灰色特性,预测网络流的异常。论文重点讨论了预测模型——GM(1,1)模型,在此基础上给出了一个基于灰色系统理论的网络流入侵检测系统——FAAD(流异常自动检测)网络监控系统。FAAD使用GM(1,1)模型,通过基于灰色系统理论的网络流异常检测算法,分析预测网络流值与实际网络流的偏差,判定网络是否受到入侵。论文最后给出了实验结果与该系统的评估。
|
| 关 键 词: | 入侵检测 流异常 灰色系统 灰色预测 |
| 文章编号: | 1002-8331-(2005)15-0160-06 |
The Research and implementation of an Automatic Detection System with Flow Anomalies |
| |
| Sun Min.The Research and implementation of an Automatic Detection System with Flow Anomalies[J].Computer Engineering and Applications,2005,41(15):160-165. |
| |
| Authors: | Sun Min |
| |
| Abstract: | The paper first presents an overview of research in intrusion detection techniques for flow anomalies of network and analyses source of data for intrusion detection,then brings forward a design of FAAD(Flow Anomalies Automatic Detection) network monitor system-based on the theory of Grey system-Model GM(1,1).The system described in following article uses Model GM(1,1),applies the method of intrusion detection for flow anomalies,and gives situation of network by analyzing differences between real sequences and sequences calculated.Although this system is low in consumption and easy to implement with software and hardware,and it can be used for various network for intrusion detection,even PC,it detects effectively and precisely.This system applying the theory of Grey system opens up new field of research in intrusion detection techniques. |
| |
| Keywords: | intrusion detection techniques flow anomalies Grey system Grey forecast |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
