| 入侵检测语言的评估 |
| |
| 引用本文: | 孙美凤,龚俭.入侵检测语言的评估[J].小型微型计算机系统,2005,26(11):1913-1918. |
| |
| 作者姓名: | 孙美凤 龚俭 |
| |
| 作者单位: | 1. 东南大学,计算机系,网络中心,南京,210096;扬州大学,信息工程学院,江苏,扬州,225009
2. 东南大学,计算机系,网络中心,南京,210096 |
| |
| 基金项目: | 国家自然科学基金(90104031)资助 |
| |
| 摘 要: | 入侵检测语言是入侵检测系统用于定义攻击场景的表示规范.提出一种比较和评估入侵检测语言的方法,该方法建立在一个可被证明是互斥和完备的分类基础上,并基于表达能力、表示简洁性、检测强度等三个测度.使用该方法可以对现有的各类检测语言表示攻击特征并进行推理的相对有效性进行评估,从而揭示出现有检测语言的缺陷和理想的入侵检测语言应具有的特性.
|
| 关 键 词: | 入侵检测系统 检测语言 检测算法 评估 |
| 文章编号: | 1000-1220(2005)11-1913-06 |
| 收稿时间: | 2004-05-09 |
| 修稿时间: | 2004-05-09 |
Evaluation Method for Intrusion Detection Language |
| |
| SUN Mei-feng,GONG Jian.Evaluation Method for Intrusion Detection Language[J].Mini-micro Systems,2005,26(11):1913-1918. |
| |
| Authors: | SUN Mei-feng GONG Jian |
| |
| Affiliation: | 1.Computer Science and Technology Department, SouthEast University, Nanoring 210096, China;2.Information and Engineering College , YangZhou University, Yangzhou 225009, China |
| |
| Abstract: | Intrusion detection language is an expression specification used by IDS to describe the intrusion senarios.Based on a mutually exclusive and exhaustive taxonomy of network attacks and their detection languages,this paper proposes an evaluation method for intrusion detection languages with three metrics:expressibility,representational succinctness and detection intensity.Those well-known detection languages have been evaluated using this method in terms of their ability to express attack signature and their detection efficiencies,so as to reveal their shortages and the features that an ideal detection language should have. |
| |
| Keywords: | intrusion detection system detection language detection algorithm evaluation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
