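Operation-based Multi-layer Host Intrusion Detection Model and Methods
Cite this article: CAI Zhongmin, PENG Qinke, GUAN Xiaohong, SUN Guoji. Operation-based Multi-layer Host Intrusion Detection Model and Methods[J]. Computer Engineering, 2002, 28(7): 66-68,219
Authors: CAI Zhongmin, PENG Qinke, GUAN Xiaohong, SUN Guoji
Affiliation: Institute of Systems Engineering, Xi'an Jiaotong University, Xi'an, 710049
Funding: National Science Fund for Distinguished Young Scholars ()6970025; Ministry of Education "Action Plan" project
Abstract: A multi-layer intrusion detection model based on user operations is proposed, and a prototype system is implemented. In this model, the detection system monitors the operations that users perform on the protected computer system at four layers, and the monitoring results are combined through information fusion to reach the final intrusion judgment. The model makes it easier to discover abnormal user behavior while effectively reducing false alarms. Methods for performing intrusion detection at each layer are also discussed with reference to the prototype implementation.

Keywords: operation; multi-layer host intrusion detection model; network security; information fusion; computer network
Article ID: 1000-3428(2002)07-0066-03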

A Host-based Multi-layer Intrusion Detection Model and Its Detection Methods
CAI Zhongmin, PENG Qinke, GUAN Xiaohong, SUN Guoji. A Host-based Multi-layer Intrusion Detection Model and Its Detection Methods[J]. Computer Engineering, 2002, 28(7): 66-68,219
Authors: CAI Zhongmin, PENG Qinke, GUAN Xiaohong, SUN Guoji
Abstract: In this paper we present a multi-layer, defense-in-depth intrusion detection model for networked computer systems, together with a prototype. In this model, the operations on the protected computer system are monitored by four sensors from different viewpoints. The final judgement is made by combining the results of the individual sensors using information fusion techniques. It is demonstrated that anomalous behavior can be more easily discovered and false alarms can be effectively reduced using our detection model. The methods to detect intrusions at different layers are also discussed using the experience gained in prototype realization.
Keywords: Computer network security; Intrusion detection; Information fusion
This article is indexed in CNKI, VIP, Wanfang Data and other databases.