| 入侵检测系统的可信问题 |
| |
| 引用本文: | 闫巧,喻建平,谢维信.入侵检测系统的可信问题[J].计算机研究与发展,2003,40(8):1203-1208. |
| |
| 作者姓名: | 闫巧 喻建平 谢维信 |
| |
| 作者单位: | 1. 西安电子科技大学电子工程学院,西安,710071;深圳大学信息工程学院,深圳,518060
2. 深圳大学信息工程学院,深圳,518060 |
| |
| 基金项目: | 国家“八六三”高技术研究发展计划项目基金 ( 2 0 0 1AA14 2 10 0B),广东省自然科学基金 ( 0 2 12 82 ) |
| |
| 摘 要: | 首先讨论了当前入侵检测系统存在的信任危机的原因,并得出结论:若希望入侵检测系统的报警可信概率超过50%,必须使虚警率低于入侵发生的先验概率.接着论述了在异常检测系统和滥用检测系统中产生虚警的原因.最后结合研发的AIIDs系统讨论了抑制虚警可能采取的方法,重点讨论了用隐马尔可夫模型过滤系统调用数据以增加相对条件熵的方法和根据入侵的定义以及来自免疫系统机理的启发,建立了协同信号机制而遏制虚警的方法.
|
| 关 键 词: | 入侵检测 虚警率 可信性 入侵检测系统(IDS) |
Creditability Problems in Intrusion Detection Systems |
| |
| YAN Qiao ,YU Jian-Ping ,and XIE Wei-Xin.Creditability Problems in Intrusion Detection Systems[J].Journal of Computer Research and Development,2003,40(8):1203-1208. |
| |
| Authors: | YAN Qiao YU Jian-Ping and XIE Wei-Xin |
| |
| Affiliation: | YAN Qiao 1,2,YU Jian-Ping 2,and XIE Wei-Xin 2 1 |
| |
| Abstract: | The reasons for creditability crisis in available intrusion detection systems are discussed and the high false positive rate and low intrusion base rate leading to the IDSs undependable are explained. Then the causes for high false positive rate in both misuse detection systems and anomaly detection systems are given. Finally some methods are presented to reduce the false positive rate. |
| |
| Keywords: | intrusion detection false positive rate creditability intrusion detection system(IDS) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
