| 基于序列分析的报警综合处理研究 |
| |
| 引用本文: | 肖立中,邵志清.基于序列分析的报警综合处理研究[J].计算机工程与应用,2006,42(8):152-154,197. |
| |
| 作者姓名: | 肖立中 邵志清 |
| |
| 作者单位: | 华东理工大学信息科学与工程学院,上海,200237 |
| |
| 摘 要: | 针对入侵检测系统的报警数量多的问题,文章详细介绍了怎样用序列分析的方法处理入侵检测系统的报警数据,使之只产生能反映入侵重要特征的报警。简要介绍了序列分析的方法,说明了报警分析算法,对报警进行了分类。给出了基于序列分析的报警分析模型,它包括两个代理:学习代理和检测代理。最后针对报警数据进行了仿真试验,并说明了将来的研究计划。
|
| 关 键 词: | 数据挖掘技术 入侵检测 报警 序列分析 |
| 文章编号: | 1002-8331-(2006)08-0152-03 |
| 收稿时间: | 2005-07 |
| 修稿时间: | 2005-07 |
Research on Alert Integration Disposal Based on Sequence Analysis |
| |
| Xiao Lizhong,Shao Zhiqing.Research on Alert Integration Disposal Based on Sequence Analysis[J].Computer Engineering and Applications,2006,42(8):152-154,197. |
| |
| Authors: | Xiao Lizhong Shao Zhiqing |
| |
| Affiliation: | College of Information Science and Engineering of East China University of Science and Technology,Shanghai 200237 |
| |
| Abstract: | In terms of too many alerts from the intrusion detection system, the disposal of alerts via sequence analysis is introduced in this paper,through which only the important alerts containing the important information are reported.The sequence analysis is briefly depicted in addition to the alert analysis algorithm categorizing the alerts.Meanwhile,with the studying agent and detecting agent the alert analysis model based on the sequence analysis is presented.Finally the emulational experiment using the alert data is given as well as the future research plan. |
| |
| Keywords: | data mining technology intrusion detection alert sequence analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
