| 混合二次网络流量异常状态模型研究 |
| |
| 引用本文: | 孙知信,焦琳,姜举良.混合二次网络流量异常状态模型研究[J].微机发展,2007,17(3):153-155. |
| |
| 作者姓名: | 孙知信 焦琳 姜举良 |
| |
| 作者单位: | 南京邮电大学计算机系 江苏南京210003 |
| |
| 基金项目: | 国家自然科学基金(60573141),华为基金资助 |
| |
| 摘 要: | 提出了一种网络流量异常状态统计模型——混合二次网络状态模型MQNSM-G(DKS,DKKS,DAKS)。该模型从动态性原则以及降低误检率和漏检率思想出发,改进原有统计模型,建立了可以动态设定描述网络流量状态参数的加权统计模型。基于混合二次网络状态模型MQNSM-G(DKS,DKKS,DAKS)的入侵检测系统进一步证明了该模型可以更大程度上提高异常检测性能,降低其误检率和漏检率。
|
| 关 键 词: | 分布式拒绝服务攻击 入侵检测 误检率 漏检率 |
| 文章编号: | 1673-629X(2007)03-0153-03 |
| 修稿时间: | 2006年5月25日 |
Research on Mixed Quadratic Network Traffic Abnormal States Model |
| |
| SUN Zhi-xin,JIAO Lin,JIANG Ju-liang.Research on Mixed Quadratic Network Traffic Abnormal States Model[J].Microcomputer Development,2007,17(3):153-155. |
| |
| Authors: | SUN Zhi-xin JIAO Lin JIANG Ju-liang |
| |
| Abstract: | A statistical model for detecting abnormal network traffic-mixed quadratic network states model MQNSM-G(DKS,DKKS,DAKS)is presented.Based on principles of developments and reducing FNP and FPP,this paper builds up a statistical model with weights that can dynamically set parameters of network traffic states,which improves on former statistical models.It has proved that performances of anomaly detection can be improved to a great degree and the FPP and FNP can be cut down prominently in an IDS based on the mixed quadratic network states model MQNSM-G(DKS,DKKS,DAKS). |
| |
| Keywords: | distributed denial of service intrusion detection false positive probability false negative probability |
| 本文献已被 CNKI 等数据库收录! |
|
