| 基于隐马尔科夫模型的用户行为异常检测方法 |
| |
| 引用本文: | 赖英旭,刘静,王一沛.基于隐马尔科夫模型的用户行为异常检测方法[J].电子技术应用,2011,37(7). |
| |
| 作者姓名: | 赖英旭 刘静 王一沛 |
| |
| 作者单位: | 北京工业大学计算机学院,北京,100124 |
| |
| 摘 要: | 提出了一种基于HMM的用户行为异常检测的新方法,用shell命令序列作为审计数据,但在数据预处理、用户行为轮廓的表示方面与现有方法不同。仿真实验结果表明,本方法的检测效率和实时性相对较高,在检测准确率方面也有较大优势。
|
| 关 键 词: | 入侵检测 异常检测 行为模式 隐马尔可夫模型 |
Method for anomaly detection of user behaviors based on hidden Markov models |
| |
| Lai Yingxu,Liu Jing,Wang Yipei.Method for anomaly detection of user behaviors based on hidden Markov models[J].Application of Electronic Technique,2011,37(7). |
| |
| Authors: | Lai Yingxu Liu Jing Wang Yipei |
| |
| Abstract: | A method of user behavior anomaly detection was presented.The method constructs specific hidden Markov model(HMM) with shell commands as audit data.The method is different with other references on data preprocessing and representing the behavior profiles of users.The results of computer simulation show the method presented can achieve high detection accuracy and practicability. |
| |
| Keywords: | intrusion detection anomaly detection behavior pattern HMM |
| 本文献已被 万方数据 等数据库收录! |
|
