| 安全审计中频率敏感的异常检测算法 |
| |
| 引用本文: | 罗隽,丁力,潘志松,胡谷雨,倪桂强.安全审计中频率敏感的异常检测算法[J].计算机工程,2008,34(8):138-140. |
| |
| 作者姓名: | 罗隽 丁力 潘志松 胡谷雨 倪桂强 |
| |
| 作者单位: | 解放军理工大学指挥自动化学院,南京,210007 |
| |
| 基金项目: | 国家自然科学基金
,
江苏省自然科学基金 |
| |
| 摘 要: | 传统使用系统调用序列的异常检测算法主要关注切分的长度,忽略了各个系统调用序列的发生频率对整个检测结果的重要性。该文提出一种对序列发生频率敏感的基于支持向量描述异常检测算法,利用发生频率定义样本的重要性,使分类器更加倾向于这些重要的样本。采用国际标准数据集进行测试,讨论了核参数对分类结果的影响。实验结果表明,与传统检测模型相比,基于序列发生频率的检测模型具有较低的误警率。
|
| 关 键 词: | 安全审计 入侵检测系统 支持向量描述 单类分类器 |
| 文章编号: | 1000-3428(2008)08-0138-03 |
| 修稿时间: | 2007年4月25日 |
Frequency-sensitive Abnormal Detection Algorithm in Security Audit System |
| |
| LUO Jun,DING Li,PAN Zhi-song,HU Gu-yu,NI Gui-qiang.Frequency-sensitive Abnormal Detection Algorithm in Security Audit System[J].Computer Engineering,2008,34(8):138-140. |
| |
| Authors: | LUO Jun DING Li PAN Zhi-song HU Gu-yu NI Gui-qiang |
| |
| Affiliation: | ??Institute of Command Automation, PLA University of Science and Technology, Nanjing 210007?? |
| |
| Abstract: | Traditional algorithms using sequences of system calls often pay close attention to the length of the sequences while ignoring the importance of their occurring frequency. A new detection algorithm using sequences of system calls is put forward based on their occurring frequency, the classifier may pay more attention to the importance of different sequences which is defined by their occurring frequency. Experiments using IS data sets show that the new model has a low false positive rate compared with the traditional model. And hence, adjusting some parameters can make the false positive rate better. |
| |
| Keywords: | |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
|
