| 基于构造性核覆盖算法的异常入侵检测 |
| |
| 引用本文: | 周鸣争,楚宁,强俊.基于构造性核覆盖算法的异常入侵检测[J].电子学报,2007,35(5):862-867. |
| |
| 作者姓名: | 周鸣争 楚宁 强俊 |
| |
| 作者单位: | 安徽工程科技学院计算机科学与工程系,安徽芜湖 241000 |
| |
| 基金项目: | 国家自然科学基金,安徽省教育厅自然科学基金重点项目 |
| |
| 摘 要: | 将构造性核覆盖算法引入入侵检测研究中,提出了一种基于构造性核覆盖的异常入侵检测算法,用于监控进程的非正常行为.首先分析了核覆盖分类算法应用于入侵检测的可能性,然后具体描述了核覆盖算法在异构数据集下的推广,提出了基于核覆盖的异常入侵检测模型.并以sendmail系统调用序列数据集为例,详细讨论了该模型的工作过程.最后将实验仿真结果与其它方法进行了比较,结果表明,该方法的检测效果优于同类的其它方法.
|
| 关 键 词: | 异常入侵检测 核覆盖 异构数据集 系统调用 |
| 文章编号: | 0372-2112(2007)05-0862-06 |
| 收稿时间: | 2006-04-29 |
| 修稿时间: | 2006-04-292006-09-15 |
An Anomaly Intrusion Detection Based on Constructive Kernel Covering Algorithm |
| |
| ZHOU Ming-zheng,CHU Ning,QIANG Jun.An Anomaly Intrusion Detection Based on Constructive Kernel Covering Algorithm[J].Acta Electronica Sinica,2007,35(5):862-867. |
| |
| Authors: | ZHOU Ming-zheng CHU Ning QIANG Jun |
| |
| Affiliation: | Department of Computer Science and Engineering,Anhui University of Technology and Science,Wuhu,Anhui 241000,China |
| |
| Abstract: | Constructive Kemel Covering Algorithm is inducted into intrusion detection and an anomaly intrusion detection. This method based on Constructive Kernel Covering Algorithm is proposed which applied to monitoring the abnormal behavior of processes. Firstly, this paper analyzes the possibility of Kernel Covering Algorithm applied to intrusion detection;Secondly, the Kernel Coveting Algorithm generalized on heterogeneous datasets is described, and a model of anomaly intrusion detection based on Kernel Covering Algorithm is proposed. Then we illustrate the sendmail system call sequence dataset and discuss the working process of this model in detail; Finally, the emulation result is compared with other methods. The result indicates that this method is superior to other similar methods. |
| |
| Keywords: | anomaly intrusion detection constructive kernel covering algorithm heterogeneous clarinets system call |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《电子学报》浏览原始摘要信息 |
|
点击此处可从《电子学报》下载全文 |
