| 一种基于网络安全风险评估的入侵检测方法 |
| |
| 引用本文: | 陈恢明,陈文,梁刚.一种基于网络安全风险评估的入侵检测方法[J].计算机安全,2012(10):7-12. |
| |
| 作者姓名: | 陈恢明 陈文 梁刚 |
| |
| 作者单位: | 四川大学计算机学院,四川成都610065 |
| |
| 基金项目: | 教育部重大项目培育基金708075; 国家自然科学基金61173159; 四川大学青年教师科研启动基金2011SCU11086 |
| |
| 摘 要: | 针对传统的入侵检测系统存在报警数量大、误报率高等缺陷,提出了一种基于网络安全风险评估的入侵检测方法,该方法基于入侵检测结果,引入抗体浓度随入侵强度动态变化这一人工免疫理论的最新研究成果进行网络安全风险的计算,然后根据当前网络面临的实时安全风险动态设置报警策略。实验结果表明,该方法能够实时、定量地计算主机和网络所面临的风险,并极大地降低报警数量和误报率。
|
| 关 键 词: | 入侵检测系统 报警数量 风险评估 网络安全 误报率 人工免疫 |
A Method of Intrusion Detection based on Network Security Risk Assessment |
| |
| CHEN Hui-ming,CHEN Wen,LIANG Gang.A Method of Intrusion Detection based on Network Security Risk Assessment[J].Network & Computer Security,2012(10):7-12. |
| |
| Authors: | CHEN Hui-ming CHEN Wen LIANG Gang |
| |
| Affiliation: | (College of Computer Science,Sichuan University,Chengdu,Sichuan 610065,China) |
| |
| Abstract: | Traditional intrusion detection system faces the defects of huge alarm quantity and high false positives rate.In order to overcome the defects,a network security risk assessment-based intrusion detection method is proposed in this article.The method calculates network security risk uses the latest research results of artificial immune theory,which mainly include that the antibody concentration changes dynamic with strength of invasion.Then dynamicly set the alarm strategy based on real-time security risks faced by the current network.The experimental results show that the model can calculate host and network risk in real time and quantitative,the alarm quantity and the false positives rate is greatly reduced. |
| |
| Keywords: | intrusion detection system alarm quantity risk assessment network security false positives rate artificial immune |
| 本文献已被 CNKI 维普 等数据库收录! |
|
