| 一种采用混合检测器的入侵检测系统 |
| |
| 引用本文: | 王大伟,张凤斌,王胜文.一种采用混合检测器的入侵检测系统[J].计算机应用,2008,28(5):1136-1139. |
| |
| 作者姓名: | 王大伟 张凤斌 王胜文 |
| |
| 作者单位: | 1. 哈尔滨理工大学,计算机科学与技术学院,哈尔滨,150080
2. 清华大学,信息科学技术学院,北京,100084 |
| |
| 基金项目: | 国家自然科学基金
,
黑龙江省研究生创新科研项目 |
| |
| 摘 要: | 传统的基于免疫的入侵检测系统采用低级别的二进制检测器,妨碍了有意义的知识提取,对Nonself空间的覆盖也不完备。对二进制Self集的确定和有效检测器的生成方法进行了改进,研究了实值否定选择算法,加入了实值检测器,构成混合检测器集合,在检测阶段对会话和数据包同时进行异常检测。实验结果ROC曲线表明有较高的检测率和较低的误报率。
|
| 关 键 词: | 人工免疫 入侵检测 否定选择算法 混合检测器 |
| 文章编号: | 1001-9081(2008)05-1136-04 |
| 收稿时间: | 2007-11-12 |
| 修稿时间: | 2007年11月12 |
Intrusion detection system with hybrid detector |
| |
| WANG Da-wei,ZHANG Feng-bin,WANG Sheng-wen.Intrusion detection system with hybrid detector[J].journal of Computer Applications,2008,28(5):1136-1139. |
| |
| Authors: | WANG Da-wei ZHANG Feng-bin WANG Sheng-wen |
| |
| Affiliation: | WANG Da-wei1,ZHANG Feng-bin1,WANG Sheng-wen2(1.College of Computer Science , Technology,Harbin University of Science , Technology,Harbin Heilongjiang 150080,China,2.School of Information Science , Technology,Tsinghua University,Beijing 100084,China) |
| |
| Abstract: | The low-level (binary) detector that the traditional artificial-immunity-based network intrusion detection systems adopt prevents the extraction of meaningful domain knowledge, and leads to incomplete cover of Nonself space. In this paper, the method of constructing binary self set and generating valid detector were improved. Real-valued negative selection algorithm was studied and the real-valued detectors were added to construct the hybrid detector congregation to detect abnormal behavior of both packets and sessions at detection stage. The ROC curves of experimental results show that it has higher detection rate and lower false alarm rate. |
| |
| Keywords: | artificail immune intrusion detection negative selection algorithm hybrid detector |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
|
