| MAIDS-多检测技术的IDS模型 |
| |
| 引用本文: | 田俊峰,张喆,赵卫东.MAIDS-多检测技术的IDS模型[J].计算机工程与应用,2006,42(5):138-141,145. |
| |
| 作者姓名: | 田俊峰 张喆 赵卫东 |
| |
| 作者单位: | 河北大学数学与计算机学院,河北,保定,071002;河北大学数学与计算机学院,河北,保定,071002;河北大学数学与计算机学院,河北,保定,071002 |
| |
| 摘 要: | 目前,入侵检测系统的漏报率和误报率高一直是困扰IDS用户的主要问题,而入侵检测系统主要有误用型和异常型两种检测技术。针对这一问题,根据这两种检测技术各自的优点,以及它们的互补性,将两种检测技术结合起来的方案越来越多地应用于IDS中。论文提出了基于统计的异常检测技术和基于模式匹配的误用检测技术及其它检测技术相结合的IDS模型-MAIDS,以期达到减少入侵检测系统的漏报率和误报率的目的,从而提高系统的安全性。
|
| 关 键 词: | 入侵检测系统 异常检测 误用检测 模式匹配 统计分析 |
| 文章编号: | 1002-8331-(2006)05-0138-04 |
| 收稿时间: | 2005-09 |
| 修稿时间: | 2005-09 |
MAIDS-Model of IDS with Multi-Technology |
| |
| Tian Junfeng,Zhang Zhe,Zhao Weidong.MAIDS-Model of IDS with Multi-Technology[J].Computer Engineering and Applications,2006,42(5):138-141,145. |
| |
| Authors: | Tian Junfeng Zhang Zhe Zhao Weidong |
| |
| Affiliation: | College of Mathematics and Computer, Hebei University, Baoding, Hebei 071002 |
| |
| Abstract: | Currently,the false positive and the false negative of Intrusion Detection System are very high.It is always the main problem that bothers the user of IDS.But there are two main technologies applied in IDS.To this problem, because both the technologies have its own advantages and they can supply for each other.So IDS combined with the two technologies is used more and more widely.This paper presents a model of IDS based on combination of Misuse Detection,Anomaly Detection and other detection technologies called MAIDS.In this model,Misuse Detection is based on pattern matching and Anomaly Detection is based on statistical analysis.It combines the two technologies to reduce the false positive rate and the false negative rate,and then to improve security of IDS. |
| |
| Keywords: | Intrusion Detection System anomaly detection misuse detectlon pattern matching statistical snalysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
