|
|||||
|
|
| 基于贝叶斯的Windows注册表访问的异常检测研究 | |
| 引用本文: | 王斌,梁晓诚,吴铁峰. 基于贝叶斯的Windows注册表访问的异常检测研究[J]. 现代电子技术, 2007, 30(5): 86-88 |
| 作者姓名: | 王斌 梁晓诚 吴铁峰 |
| 作者单位: | 1. 佳木斯大学,信息电子技术学院,黑龙江,佳木斯,154007;桂林工学院,广西,桂林,541004 2. 桂林工学院,广西,桂林,541004 3. 佳木斯大学,信息电子技术学院,黑龙江,佳木斯,154007 |
| 摘 要: | 描述了一个针对Windows的基于主机的入侵检测系统。其核心是一个贝叶斯算法,此算法通过寻找异常的对Windows注册表的访问来检测基于主机的攻击,并且评价他的性能。实验结果证明谈基于贝叶斯的检测系统在检测恶意行为时是有效的,并能保持较低的误警率,其实验结果表明检测系统具有良好的性能。 |
| 关 键 词: | 异常检测 注册表访问 贝叶斯算法 入侵检测系统 |
| 文章编号: | 1004-373X(2007)05-086-03 |
| 收稿时间: | 2006-07-18 |
| 修稿时间: | 2006-07-18 |
Anomaly Detection Research of Windows Registry Access Bassed on Bayesian |
|
| WANG Bin,LIANG Xiaocheng,WU Tiefeng. Anomaly Detection Research of Windows Registry Access Bassed on Bayesian[J]. Modern Electronic Technique, 2007, 30(5): 86-88 | |
| Authors: | WANG Bin LIANG Xiaocheng WU Tiefeng |
| Affiliation: | 1. Informaiton Electronic Technology College, Jiamusi University. Jiamusi, 154007, China; 2. Guilin University of Technology, Guilin, 541004, China |
| Abstract: | This paper describes a host-based intrusion detection system for Microsoft Windows.The core of the system is a Bayesian classifier that detects attacks on a host machine by looking for anomalous accesses to the Windows registry,and evaluates its performance.The results of experiments shown that the system based on Bayesian classifier described by paper is effective in detecting the actions of malicious software while maintaining a low rate of false alarms. |
| Keywords: | anomaly detection registry access Bayesian algorithm intrusion detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |