| 基于网络流量预测模型的CFAR入侵检测方法研究 |
| |
| 引用本文: | 胡碧峰,韦红军.基于网络流量预测模型的CFAR入侵检测方法研究[J].信息安全与通信保密,2008(8):112-115. |
| |
| 作者姓名: | 胡碧峰 韦红军 |
| |
| 作者单位: | 中国人民解放军91557部队,浙江舟山316041 |
| |
| 摘 要: | 论文提出了一种基于网络流量预测模型的CFAR入侵检测系统。采用AR模型对网络流量进行预测,并运用雷达信号处理中的恒误警CFAR技术,选取检测阀值以判定是否存在入侵信号。利用林肯实验室DARPA数据对系统进千亍试验,通过对不同的CFAR检测进行比较分析,最后提出三种CFAR联合检测,使得系统具有更高的检测率和更低的误警率。
|
| 关 键 词: | 入侵检测 AR模型 恒误警率 |
CFAR Intrusion Detection Method Based on Network Flow Prediction Model |
| |
| HU Bi-feng,WEI Hong-jun.CFAR Intrusion Detection Method Based on Network Flow Prediction Model[J].China Information Security,2008(8):112-115. |
| |
| Authors: | HU Bi-feng WEI Hong-jun |
| |
| Affiliation: | 1557 Army of PLA, Zhoushan Zhengjiang 316041, China) |
| |
| Abstract: | Constant false alarm rate(CFAR) intrusion detection method based on network flow prediction is proposed in this paper. The network flow can be predicted by using the AR model, and an appropriate detection threshold is chosen through the CFAR in radar signal processing, which can decide whether an intrusion signal exists or not. According to the simulations based on the DARPA datasets of Lincoln Lab, different CFAR detections are compared and analyzed. Finally, the united CFAR detection is proposed, which shows that the detective probability is actively high while the false alarm rate fairly low. |
| |
| Keywords: | intrusion detection AR model CFAR |
| 本文献已被 维普 万方数据 等数据库收录! |
