| 网络入侵事件防御决策技术研究 |
| |
| 引用本文: | 王莉娜,房鼎益,吴晓南,陈晓江. 网络入侵事件防御决策技术研究[J]. 计算机应用与软件, 2007, 24(4): 41-44 |
| |
| 作者姓名: | 王莉娜 房鼎益 吴晓南 陈晓江 |
| |
| 作者单位: | 西北大学计算机科学系,陕西,西安,710069;西北大学计算机科学系,陕西,西安,710069;西北大学计算机科学系,陕西,西安,710069;西北大学计算机科学系,陕西,西安,710069 |
| |
| 基金项目: | 航空基础科学基金 , 陕西省自然科学基金 |
| |
| 摘 要: | 针对传统入侵检测系统对付复杂攻击防御时暴露出的不足,提出利用数据挖掘技术进行网络入侵事件协同分析,建立关联规则与序列规则模型,并结合两者进行全局信息推理获取复杂攻击模式.重点研究了复杂入侵事件的防御决策技术和基于有限自动机的危机分析方法,详细分析了防御决策向量的制定过程以及防御知识的表示问题.实验结果表明,所提出的模型和方法能通过提前确定防御点增强系统防御的实时性与有效性.
|
| 关 键 词: | 网络安全 入侵检测 事件分析 事件响应 |
| 修稿时间: | 2005-01-24 |
RESEARCH ON NETWORK INTRUSION ALERTS RECOVERY DECISION-MAKING TECHNOLOGY |
| |
| Wang Li''''na,Fang Dingyi,Wu Xiaonan,Chen Xiaojiang. RESEARCH ON NETWORK INTRUSION ALERTS RECOVERY DECISION-MAKING TECHNOLOGY[J]. Computer Applications and Software, 2007, 24(4): 41-44 |
| |
| Authors: | Wang Li''''na Fang Dingyi Wu Xiaonan Chen Xiaojiang |
| |
| Abstract: | Traditional intrusion detection systems are mostly short of responding to complicated intrusion attacks.In order to cope with the problem,an efficient cooperative alert analysis model based on data mining is proposed.Complicated intrusion attack patterns can be discov-ered by reasoning the results of association and sequence analysis.Furthermore,aiming at complicated intrusion attack,we research the recov-ery decision-making technology,including doing crisis analysis by finite state automata,making the decision vector and showing the defense knowledge.Experimental results show that the response can advance recovery point to improve the real-time and efficiency of defense. |
| |
| Keywords: | Network security Intrusion detection Alert analysis Alert response |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
