检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
出 处:《计算机仿真》2005年第1期167-169,共3页Computer Simulation
基 金:暨南大学自然科学基金 ( 2 0 0 3 0 2 3 )
摘 要:入侵检测系统一直以来都是多层安全体系架构不可或缺的一部分。异常检测试图判定程序当前行为与已建立的正常的运行模式是否发生较大偏移来判断入侵的发生 ,能有效地识别未知的入侵模式 ,具有较高的检测率。传统的检测方式通常将结果判定为真或假 ,并由于各种因素的影响而产生了伪肯定和伪否定。通过将网络行为的可能攻击程度描述为连续量 ,并分析检测规则的置信度和网络行为的可能攻击程度之间存在的关系 ,以检测规则的置信度来判定是攻击行为的可能性 。Intrusion Detection Systems have long been recognized as a necessary component of a multilayered security architecture. Anomaly detection attempts to compare current program behavior with normal program' profile produced in advance and automatically detects any deviation from it, identify new types of intrusions as deviations from normal usage, hence it has high detection rate. Traditional detection method depicts result with true of false simply,because of all kinds of factors ,False positives and false negatives exists all the time.Characterizing network action's attack possibility by consecutive variable, analyzing the relationship between the confidence of the detection rules and possibility of that a network action is an attack, we provide a model of anomaly detection based on confidence by using confidence of a detection rule to judge the network action.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.188
