| 一种基于入侵事件的检测分析技术 |
| |
| 引用本文: | 史亮,庄镇泉.一种基于入侵事件的检测分析技术[J].计算机工程与科学,2005,27(8):13-15. |
| |
| 作者姓名: | 史亮 庄镇泉 |
| |
| 作者单位: | 中国科学技术大学电子科学与技术系,安徽,合肥,230026 |
| |
| 基金项目: | 国家自然科学基金重点资助项目(90104030) |
| |
| 摘 要: | 在本文中,我们针对目前入侵检测系统普遍存在的误报率高、报警信息冗余现象严重和对入侵表述能力不强的缺陷,提出了一种基于入侵事件的检测分析技术,详细描述了该技术所采用主要方法的设计思想,如多传感器数据融合以及基于模糊规则的原始报警信息鉴别等。实验结果表明,同现有入侵检测系统相比,该技术大大降低了系统的检测成成本。
|
| 关 键 词: | 入侵检测 数据融合 模糊规则 入侵通报 |
| 文章编号: | 1007-130X(2005)08-0013-03 |
| 修稿时间: | 2003年10月14 |
An Intrusion-Event-Based Detection Analysis Technology |
| |
| SHI Liang,ZHUANG Zhen-quan.An Intrusion-Event-Based Detection Analysis Technology[J].Computer Engineering & Science,2005,27(8):13-15. |
| |
| Authors: | SHI Liang ZHUANG Zhen-quan |
| |
| Abstract: | In this paper, we present a detection technology based on intrusion events in order to overcome the shortcomings of high false alert rate, serious redundant alerts and poor expression about the intrusion activities in today's intrusion detection systems. We describe the design ideas about the important methods used in this technology such as multi-sensor data fusion, raw alert distinguishment based on fuzzy rules and so on in detail. Experimental results show that compared with the existing intrusion detection systems, this technology can reduce the system test cost greatly. |
| |
| Keywords: | intrusion detection data fusion fuzzy rule intrusion report |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与科学》浏览原始摘要信息 |
|
点击此处可从《计算机工程与科学》下载全文 |
