| 基于时间分段的贝叶斯网络异常检测方法 |
| |
| 引用本文: | 刘涛,齐爱玲.基于时间分段的贝叶斯网络异常检测方法[J].信息安全与通信保密,2009(6):112-115. |
| |
| 作者姓名: | 刘涛 齐爱玲 |
| |
| 作者单位: | 1. 西安科技大学,西安,710054;西安交大捷普网络科技有限公司,西安,710075
2. 西安科技大学,西安,710054 |
| |
| 摘 要: | 论文提出一种将时间分段函数与贝叶斯统计模型相结合的方法来进行网络异常检测,该方法通过使用加入时间函数的贝叶斯统计模型来发现和判定网络中的异常,利用贝叶斯理论在解决不确定问题方面的优点与网络环境中流量随时间变化的函数相结合,来发现大量事件之间的联系,对系统行为进行分类,建立起异常入侵检测模型,通过这个模型能够分析判断网络异常行为的发生。通过将该方法加入到西安交大捷普的入侵检测系统中可以发现,该方法能有效提高检测网络异常的检测率。
|
| 关 键 词: | 网络安全 异常检测 朴素贝叶斯 时间分段 |
Bayesina Network Anomaly Detection Based on Time Slicing |
| |
| LIU Tao,QI Ai-ling.Bayesina Network Anomaly Detection Based on Time Slicing[J].China Information Security,2009(6):112-115. |
| |
| Authors: | LIU Tao QI Ai-ling |
| |
| Affiliation: | LIU Tao, QI Ai-ling (1.Xi'an University of Science and Technology., Xi'an Shaanxi 710054, China 2.Xi'an Jiaotong University JUMP Network Technology CO., LTD., Xi'an Shaanxi 710054, China) |
| |
| Abstract: | This paper present a method combining Naive Bayesian model with function of time slicing which is used for network anomaly detection. By using Nave Bayesian model with time function, the method is intended to find and determine abnormity in the computer network. Combining the advantages of Nave Bayesian theorem when solving uncertain problems with the function whose network traffic change with time, the purpose is to establish anomaly intrusion detection model for the network activity so as to determine the occurrence of network anomaly by discovering the relationship among mass events and classifying network system behavior. It has been proved by a simulation experiment that anomaly behavior will be effectively analyzed by Nave Bayesian model with time slicing. |
| |
| Keywords: | Network security Anomaly detection Nave Bayesian Time Slicing |
| 本文献已被 维普 万方数据 等数据库收录! |
|
