| 基于HMM和STIDE的异常入侵检测方法 |
| |
| 引用本文: | 孙彦,李永忠,罗军生.基于HMM和STIDE的异常入侵检测方法[J].计算机工程,2008,34(3):181-182. |
| |
| 作者姓名: | 孙彦 李永忠 罗军生 |
| |
| 作者单位: | 江苏科技大学电子信息学院,镇江,212003 |
| |
| 摘 要: | 入侵检测是对正在发生或已经发生的入侵行为的一种识别过程。异常检测是入侵检测的主要分析方法之一。该文在传统的使用单一入侵检测算法的基础上,提出一种基于HMM和STIDE复合算法的异常入侵检测方法。HMM和STIDE复合算法被用来区分未知的行为是合法操作还是一次入侵。实验证明该方法具有低虚警率和高检测率。
|
| 关 键 词: | 入侵检测 异常检测 HMM方法 STIDE方法 |
| 文章编号: | 1000-3428(2008)03-0180-02 |
| 收稿时间: | 2007-03-03 |
| 修稿时间: | 2007年3月3日 |
Hybrid Anomaly Intrusion Detection Method Using HMM and STIDE |
| |
| SUN Yan,LI Yong-zhong,LUO Jun-sheng.Hybrid Anomaly Intrusion Detection Method Using HMM and STIDE[J].Computer Engineering,2008,34(3):181-182. |
| |
| Authors: | SUN Yan LI Yong-zhong LUO Jun-sheng |
| |
| Affiliation: | (School of Information, Jiangsu University of Science and Technology, Zhenjiang 212003) |
| |
| Abstract: | Intrusion detection is a process of identify the intrusion which had happened or not. Anomaly detection method is one of the main intrusion detection methods. Based on the traditional intrusion detection algorithm using single intrusion detection method, a hybrid method which combines HMM with STIDE is proposed. The HMM along with STIDE is used to categorize an unknown behavior to be either normal or an intrusion. Experimental results prove the hybrid method in low false positive rate with high detection rate. |
| |
| Keywords: | intrusion detection anomaly detection Hidden Markov Model(HMM) Sequence Time Delay Embedding(STIDE) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
