| 入侵响应中基于事件相关性的攻击预测算法 |
| |
| 引用本文: | 王祖俪,程小平.入侵响应中基于事件相关性的攻击预测算法[J].计算机科学,2005,32(4):144-147. |
| |
| 作者姓名: | 王祖俪 程小平 |
| |
| 作者单位: | 西南师范大学计算机与信息科学学院,重庆,400715;西南师范大学计算机与信息科学学院,重庆,400715 |
| |
| 摘 要: | 目前的入侵检测系统(IDS)中的响应单元只对检测出的当前安全事件做出响应,而忽略了攻击事件间隐藏的关系及攻击的最终目的。本文针对上述问题在IDS的响应单元中提出了一个利用攻击事件间的相关性对攻击的最终目的进行预测的算法。实验证明该算法提高了网络的预警能力,减少了对误报的响应,并能发现分析引擎的漏报情况。
|
| 关 键 词: | 预测算法 前驱 后继 入侵响应 |
An Attack Predictive Algorithm Based on the Correlation of Intrusions Alerts in Intrusion Response |
| |
| WANG Zu-Li,CHENG Xiao-Ping.An Attack Predictive Algorithm Based on the Correlation of Intrusions Alerts in Intrusion Response[J].Computer Science,2005,32(4):144-147. |
| |
| Authors: | WANG Zu-Li CHENG Xiao-Ping |
| |
| Affiliation: | WANG Zu-Li,CHENG Xiao-Ping Faculty of Computer Science,South West China Normal University,Chongqing 400715 |
| |
| Abstract: | Traditional intrusion detection systems(IDSs)take actions to the alerts independently, and ignore the logi- cal connections between them. In this paper an attack predictive algorithm in intrusion response part of the IDS is pre- sented based on the prerequisites and consequences of intrusions. And an off-line simulation experiment shows that it can improve the prediction ability of the IDS, and reduce the false alert and find the potential attack. |
| |
| Keywords: | Predictive algorithm Prerequisites Consequences Intrusion response |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
