| Granger因果关系检验在攻击检测中的应用研究 |
| |
| 引用本文: | 汪生,孙乐昌,干国政. Granger因果关系检验在攻击检测中的应用研究[J]. 计算机应用, 2005, 25(6): 1282-1285. DOI: 10.3724/SP.J.1087.2005.1282 |
| |
| 作者姓名: | 汪生 孙乐昌 干国政 |
| |
| 作者单位: | 解放军电子工程学院,网络系,安徽,合肥,230037;中国人民解放军61276部队,北京,102213 |
| |
| 摘 要: | 在时态数据挖掘框架下,对基于Granger因果关系检验的攻击检测方法进行了研究。通过计算多个前兆输入时间序列与给定异常输出时间序列之间的因果关联程度,可从描述网络系统安全状态的多元时间序列数据集中检测出网络攻击行为的前兆,进而形成可供实际检测和预警使用的高置信度前兆规则和因果规则。对所提方法的正确性和精度进行了验证,并在设计的攻击检测与预警原型系统中对其进行了应用分析。
|
| 关 键 词: | Granger因果关系检验 前兆规则 因果规则 攻击检测 预警 |
| 文章编号: | 1001-9081(2005)06-1282-04 |
Application research based on Granger causality test for attack detection |
| |
| WANG Sheng,SUN Le-chang,GAN Guo-zheng. Application research based on Granger causality test for attack detection[J]. Journal of Computer Applications, 2005, 25(6): 1282-1285. DOI: 10.3724/SP.J.1087.2005.1282 |
| |
| Authors: | WANG Sheng SUN Le-chang GAN Guo-zheng |
| |
| Affiliation: | 1. Department of Network,Electronic Engineering Institute of PLA,Hefei Anhui 230037,China; 2. No. 61276,PLA,Beijing 102213,China |
| |
| Abstract: | The method for attack detection based on Granger Causality Test(GCT) within the framework of temporal data mining was investigated. Through computing causality between a lot of precursors from input time series and a given anomaly from output time series, the method can be used to detect the precursor from datasets containing multivariate time series related to different security regimes of network system, and then produces the precursor rules and causality rules for actual attack detection and early warning with high confidence. Several experiments were conducted to verify the accuracy and precision of the proposed method, and finally its application analysis in attack detection and early warning prototype system was presented. |
| |
| Keywords: | Granger Causality Test(GCT) precursor rule causal rule attack detection early warning |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
|
