| 网络入侵意图识别方法综述 |
| |
| 引用本文: | 宁卓 龚俭. 网络入侵意图识别方法综述[J]. 计算机科学, 2006, 33(9): 4-7 |
| |
| 作者姓名: | 宁卓 龚俭 |
| |
| 作者单位: | 东南大学 |
| |
| 基金项目: | 国家重点基础研究发展计划(973计划);教育部科学技术研究重点项目;江苏省重点实验室基金 |
| |
| 摘 要: | 复合攻击的检测是近年来IDS着力解决的一个重要问题。研究表明,解决这个问题的根本途径在于建立有效的模型积累、识别多报文间的上下文关系,从而进一步对入侵的意图进行精确判断。本文跟踪了近年来意图识别领域的技术发展,详细介绍了几种有代表性方法的核心思想,分析它们适用的范围和存在的问题,比较了各自的优劣所在,最后总结了这个领域的难点问题和发展趋势。
|
| 关 键 词: | 复合入侵 IDS 意图识别 警报关联 |
A Survey on Network Intrusion Plan Recognition |
| |
| NING Zhuo,GONG Jian (Deparzment of Computer Science and Technology,Southeast University,Nanjing. A Survey on Network Intrusion Plan Recognition[J]. Computer Science, 2006, 33(9): 4-7 |
| |
| Authors: | NING Zhuo GONG Jian (Deparzment of Computer Science Technology Southeast University Nanjing |
| |
| Affiliation: | Deparzment of Computer Science and Technology, Southeast University, Nanjing 210096 |
| |
| Abstract: | The detection of composed intrusion is an active topic for IDS now. The past researches have shown that intrusion plan recognition technology is critical to reduce false or missed alert rate, tries to construct an effective model to accumulate the relationship among alerts in different context and promotes recognition accuracy. This paper summarizes the advantage and the shortcoming of the known intrusion plan recognition methods. The special requirements are discussed and the most promising development is proposed. |
| |
| Keywords: | IDS |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机科学》浏览原始摘要信息 |
|
点击此处可从《计算机科学》下载全文 |
