| 基于D-S证据理论的入侵检测模型 |
| |
| 引用本文: | 龚琼瑶,丁宏,孔霆.基于D-S证据理论的入侵检测模型[J].计算机工程与应用,2008,44(18):113-114. |
| |
| 作者姓名: | 龚琼瑶 丁宏 孔霆 |
| |
| 作者单位: | 1.杭州电子科技大学 计算机学院,杭州 310018 2.浙江警察学院 实验中心,杭州 310053 |
| |
| 基金项目: | 浙江省自然科学基金
,
浙江省教育厅资助项目 |
| |
| 摘 要: | 将数据融合理论引入到入侵检测过程,提出基于数据融合的入侵检测系统模型,并在系统模型的实现过程中应用了多Agent技术,使整个模型具有良好的扩展性。在聚类、合并、关联的数据融合过程中应用了D-S证据理论,在一定程度上解决当前入侵检测系统中存在的告警洪流、误报率高、告警之间的关联性差等问题,提高了分布式入侵检测系统的检测性能。
|
| 关 键 词: | 入侵检测系统 数据融合 D-S证据理论 Agent |
| 文章编号: | 1002-8331(2008)18-0113-02 |
| 收稿时间: | 2007-9-20 |
| 修稿时间: | 2007年9月20日 |
Intrusion detection model based on D-S evidence theory |
| |
| GONG Qiong-yao,DING Hong,KONG Ting.Intrusion detection model based on D-S evidence theory[J].Computer Engineering and Applications,2008,44(18):113-114. |
| |
| Authors: | GONG Qiong-yao DING Hong KONG Ting |
| |
| Affiliation: | 1.School of Computer,Hangzhou Dianzi University,Hangzhou 310018,China 2.Zhejiang Police College,Hangzhou 310053,China |
| |
| Abstract: | This article introduces the data fusion theory into the intrusion detection process,proposes an intrusion detection system model based on the data fusion,and has applied the multi- Agent technology in the system model realization process,enable the entire model having the good extension.In the data fusion process of clustering,merging and associating this article applies the D-S evidence theory,solves the problems of warning onrush,high false reporting rate,inferior question between the warning association which existed in the current intrusion detection system,enhances the detection performance of the distributing intrusion detection system. |
| |
| Keywords: | intrusion detection system data fusion D-S evidence theory Agent |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
