| 基于环境信息降低入侵检测误报率 |
| |
| 引用本文: | 刘棣华,张路,高峰. 基于环境信息降低入侵检测误报率[J]. 网络安全技术与应用, 2006, 0(12): 35-36 |
| |
| 作者姓名: | 刘棣华 张路 高峰 |
| |
| 作者单位: | 长春工业大学计算机科学与工程学院,吉林,130012 |
| |
| 摘 要: | 采用单包分析技术的网络入侵检测系统常具有较高的误报率,影响其实用性。本文针对误用网络型入侵检测系统建立一个警报过滤机制,该机制找出攻击成功时所需具备的环境条件。当入侵检测系统发现可疑入侵时,依据环境条件加以实时确认查核,从而减少误报。
|
| 关 键 词: | 入侵检测 减少误报 报警过滤 环境信息 |
Reducing the False Positive of Intrusion Detection Based on Environment Information |
| |
| Liu Dihua,Zhang Lu,Gao Feng. Reducing the False Positive of Intrusion Detection Based on Environment Information[J]. Net Security Technologies and Application, 2006, 0(12): 35-36 |
| |
| Authors: | Liu Dihua Zhang Lu Gao Feng |
| |
| Abstract: | In the network intrusion detection system(NIDS),the single packet analyzing technique is utilized,which leads to high rate of false alarm.This paper proposes an alarm filtering scheme to improve the efficiency of misuse- type network intrusion detection system.Through carefully analyzing a preliminarily recognized attack threat against environment information can further determine if an alarm comes from attacks.So rate of false alarm is deduced. |
| |
| Keywords: | intrusion detection false alarm reduction alarm filtering environment information |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
