| 基于粗糙集理论的免疫系统设计与实现 |
| |
| 引用本文: | 王丽君,高超. 基于粗糙集理论的免疫系统设计与实现[J]. 计算机工程与应用, 2006, 42(16): 129-133,199 |
| |
| 作者姓名: | 王丽君 高超 |
| |
| 作者单位: | 鞍山科技大学计算机科学与工程学院,辽宁鞍山,114044;鞍山科技大学计算机科学与工程学院,辽宁鞍山,114044 |
| |
| 摘 要: | 文章在深入分析免疫系统的基础上,提出了一种针对系统调用序列的高效低负的异常检测方法,该方法借助粗糙集理论分析进程正常运行时产生的系统调用序列,提取最简的预测规则模型。与其他方法相比,用粗糙集理论建立正常模型要求的训练数据获取简单,生成的小规则集利于实时检测,能更有效地检测进程的异常运行状态。具有这样免疫特性规则模型可以在局部和全局不同层次上检测入侵攻击,具有较好的自适应性、可扩展性和智能性。实验证明该方法的检测效率明显优于其他建模方法。
|
| 关 键 词: | 免疫系统 入侵检测 粗糙集理论 系统调用序列 |
| 文章编号: | 1002-8331-(2006)16-0129-05 |
| 收稿时间: | 2005-09-01 |
| 修稿时间: | 2005-09-01 |
Design and Implementation of Artificial Immune System Based on the Theory of Rough Set |
| |
| Wang Lijun,Gao Chao. Design and Implementation of Artificial Immune System Based on the Theory of Rough Set[J]. Computer Engineering and Applications, 2006, 42(16): 129-133,199 |
| |
| Authors: | Wang Lijun Gao Chao |
| |
| Affiliation: | School of Computer Science and Engineering,Anshan Technology and Science University, Anshan, Liaoning 114044 |
| |
| Abstract: | A high-efficient and low-loading abnormal detecting method aiming at system calls sequences based on complete analyzing the immunity theory is put forward.The method by using the rough set theory analyzes the system calls sequences created by the normal running processes;and extracts a set of forecasting rules model with the minimum size.Compared with other methods,there are some merits using the Rough set theory to create the normal model.Namely,it is simple to get the training data,the small rule set is advantage to real-time detection,and the process' abnormal running state can be detected out effectively.The rules modules with the trait of immunity can detect intrusion attack in part and the whole network.These modules have better adaptability,expansibility and intelligence.Experiment results show that the efficiency of the method in this paper is obviously better than other methods. |
| |
| Keywords: | immune system intrusion detection rough set theory system call sequences |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
