| 基于贝叶斯置信网的日志服务系统容侵方法研究 |
| |
| 引用本文: | 黄光球,孙周军,刘兆明. 基于贝叶斯置信网的日志服务系统容侵方法研究[J]. 微电子学与计算机, 2006, 23(12): 53-57,60 |
| |
| 作者姓名: | 黄光球 孙周军 刘兆明 |
| |
| 作者单位: | 西安建筑科技大学,管理学院,陕西,西安,710055 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划) |
| |
| 摘 要: | 文章针对服务器系统被攻破之后。如何保护服务器系统所记录的日志。为以后系统的恢复提供依据.并且提高系统自身生存能力的难点.提出将日志记录按照一定的格式进行分片.将不同的分片存储在不同的日志服务器上的容侵策略。当需要进行日志还原时,再将日志分片组合成原来的日志。构建了系统的异常发现贝叶斯网络模型。该模型根据用户访问日志服务器所提供的特征信息。可以判断出该次访问是否异常行为和所访问目志类型,从而在海量日志信息中快速定位受攻击的服务器及其日志片段.以最小的系统开销恢复可能已经被破坏掉的某一类日志记录.该方法在一定程度上保证了日志记录服务器中日志记录的准确性和正确性。
|
| 关 键 词: | 日志 容侵 贝叶斯置信网 |
| 文章编号: | 1000-7180(2006)12-0053-05 |
| 收稿时间: | 2005-11-05 |
| 修稿时间: | 2005-11-05 |
An Approach to Intrusion Tolerance Method for Log Services System Based on Bayesian Belief Net |
| |
| HUANG Guang-qiu,SUN Zhou-jun,LIU Zhao-ming. An Approach to Intrusion Tolerance Method for Log Services System Based on Bayesian Belief Net[J]. Microelectronics & Computer, 2006, 23(12): 53-57,60 |
| |
| Authors: | HUANG Guang-qiu SUN Zhou-jun LIU Zhao-ming |
| |
| Abstract: | A discussion is made on how to protect logs of a clustered system of servers for providing recovering information after the system is intruded in order to improve its viability, then an intrusion tolerance policy is introduced that logs are divided into different portions, these portions are stored into many different log servers, and can be combined together to form correct logs when necessary, a Bayesian network is created which can be used to judge requested types and accessed logs according to characteristic data from requesting information of users so as to locate those attached log servers and destroyed portions quickly in sea-quantity information and recover logs service system at a lowest cost. This method protects veracity and validity of log information to some extent. |
| |
| Keywords: | Log Intrusion tolerance Bayesian belief net |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
