| 基于蜜罐的入侵检测系统的设计与实现* |
| |
| 引用本文: | 汪洁,杨柳.基于蜜罐的入侵检测系统的设计与实现*[J].计算机应用研究,2012,29(2):667-671. |
| |
| 作者姓名: | 汪洁 杨柳 |
| |
| 作者单位: | 1. 中南大学信息科学与工程学院,长沙,410083
2. 湖南大学软件学院,长沙,410082 |
| |
| 基金项目: | 中南大学自由探索计划资助项目(2011QNZT035) |
| |
| 摘 要: | 传统的入侵检测系统无法识别未知的攻击,提出在入侵检测系统中引入蜜罐技术来弥补其不足,并设计和实现了一个基于人工神经网络的入侵检测系统HoneypotIDS。该系统应用感知器学习方法构建FDM检测模型和SDM检测模型两阶段检测模型来对入侵行为进行检测。其中,FDM检测模型用于划分正常类和攻击类,SDM检测模型则在此基础上对一些具体的攻击类型进行识别。最后,设计实验对HoneypotIDS的检测能力进行了测试。实验结果表明,HoneypotIDS对被监控网络中的入侵行为具有较好的检测率和较低的误报率。
|
| 关 键 词: | 入侵检测 蜜罐 感知器 |
Design and implementation of intrusion detection system based on honeypot |
| |
| WANG Jie,YANG Liu.Design and implementation of intrusion detection system based on honeypot[J].Application Research of Computers,2012,29(2):667-671. |
| |
| Authors: | WANG Jie YANG Liu |
| |
| Affiliation: | (1.School of Information Science & Engineering, Central South University, Changsha 410083, China; 2.School of Software,Hunan University,Changsha 410082, China) |
| |
| Abstract: | The traditional IDS (intrusion detection system) can not identify the unknown attacks. Therefore, this paper introduced honeypot technique into the IDS. It desigaed a intrusion detection system based on ANN (artificial neural network) . It constructed the system contained FDM detection model and SDM detection model by using perceptron learning method. FDM was used to distinguish the attack class from the normal class, while the other focused on detecting some main types of attacks. At last, an experiment was to test detection ability of HoneypotIDS. The results of the experiment show that HoneypotIDS has a better detection rate and a lower false positive rate for the intrusion activities in the monitored network. |
| |
| Keywords: | intrusion detection honeypot perception |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
