| 基于灰色关联事件融合的入侵检测模型 |
| |
| 引用本文: | 刘 越,王 锐,郭吉平,闫莉蔷. 基于灰色关联事件融合的入侵检测模型[J]. 计算机工程与应用, 2013, 49(12): 86-89 |
| |
| 作者姓名: | 刘 越 王 锐 郭吉平 闫莉蔷 |
| |
| 作者单位: | 佳木斯大学 信息电子技术学院,黑龙江 佳木斯 154007 |
| |
| 摘 要: | 使用异常情况或标识的传统入侵检测模型,检测粒度较大,精度较差,且占用系统资源较多。针对上述问题,提出了分布式异常事件融合入侵检测模型。该模型通过事件跟踪等方法降低检测粒度;采用分布式的多节点灰度关联度算法,进行异常事件的信息融合,进行异常事件分析处理。仿真实验证明,该模型的入侵检测精度较高,而系统资源消耗较少。
|
| 关 键 词: | 入侵检测 异常行为 融合 事件 灰色关联 |
Intrusion detection model of abnormal event fusion based on gray correlation |
| |
| LIU Yue,WANG Rui,GUO Jiping,YAN Liqiang. Intrusion detection model of abnormal event fusion based on gray correlation[J]. Computer Engineering and Applications, 2013, 49(12): 86-89 |
| |
| Authors: | LIU Yue WANG Rui GUO Jiping YAN Liqiang |
| |
| Affiliation: | College of Information and Electronic Technology, Jiamusi University, Jiamusi, Heilongjiang 154007, China |
| |
| Abstract: | With abnormal signatures, the host intrusion detection models have detection big particle sizes and massive resource requests. In order to deal with them, a novel distributed model is presented with abnormal operation detection. The model utilizes the event tracking methods to reduce the particle sizes. And based on multi-nodes, the gray correlation algorithm is used to fuse the abnormal events of faked clients. Simulation results show that the model has good detection performance and a few system resources needed. |
| |
| Keywords: | intrusion detection abnormal action fusion event gray correlation |
|
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载免费的PDF全文 |
