| 报警信息聚合研究 |
| |
| 引用本文: | 胡振华,张永胜,逯义军,徐震. 报警信息聚合研究[J]. 计算机安全, 2009, 0(2) |
| |
| 作者姓名: | 胡振华 张永胜 逯义军 徐震 |
| |
| 作者单位: | 山东师范大学,信息科学与工程学院,山东,济南,250014;山东师范大学,管理与经济学院,山东,济南,250014 |
| |
| 摘 要: | 入侵检测系统的诸多不完善的因素制约了入侵检测的发展,入侵检测一直也成为人们研究的一个重点,而报警信息聚合可以有效地减少报警数量,提高网络预警能力,对入侵检测系统有着十分重大的意义.首先将报警分成四大类,再判定不同类别中报警信息的关系,进行聚合,最后根据不同的属性找出各报警信息的关联关系.
|
| 关 键 词: | 入侵检测 报警 分类 聚合 关联 |
The Study of Alert Aggregation |
| |
| HU Zhen-hua,ZHANG Yong-sheng,LU Yi-jun,Xu Zhen. The Study of Alert Aggregation[J]. Network & Computer Security, 2009, 0(2) |
| |
| Authors: | HU Zhen-hua ZHANG Yong-sheng LU Yi-jun Xu Zhen |
| |
| Affiliation: | 1. School of Information Science and Engineering;Shandong Normal University;Jinan;Shandong 250014 China;2. School of Management and Economic;Shandong 250014 China |
| |
| Abstract: | The imperfections the intrusion Detection System constraining the development of Intrusion Detection ,and Intrusion Detection has also become a focus of study. Alert aggregation, it very important to the Intrusion Detection System, can effectively reduce the member of alerts, and it can increase network warning ability. First, we categorize all alerts into four classes according to the attack event type, then make sure the relationship of the alerts and aggregate them, and find out the correlation between t... |
| |
| Keywords: | Intrusion detection Alert Category Aggregation Correlation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
