检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:王卫平[1] 朱卫未[1] 陈文惠[1] 梁樑[1]
机构地区:[1]中国科学技术大学信息管理与决策系,合肥230052
出 处:《中国科学院研究生院学报》2006年第4期534-542,共9页Journal of the Graduate School of the Chinese Academy of Sciences
基 金:国家863计划项目(2003AA103710)资助
摘 要:基于网络的入侵检测系统中,由于检测速率与数据包采集速率不匹配,以及检测所需成本的限制,在收集用于检测的网络数据包时,必须选择有效的采样策略.本文引入博弈模型框架上的原始入侵数据包采样策略,在此基础上再进行分析和扩展.针对单一采样策略的缺陷与不足,引入风险管理的思想来分析在决策者不同效用偏好情况下的采样策略选择问题,并且通过具体的实例,说明了基于风险差异的采样策略选择的有效性.Since sampling entails incurring network costs hardware in the network-based intrusion detection system, strategy to effectively detect network intrusions without for real-time packet sampling and packet examination we would like to develop a network packet sampling exceeding the velocity of the packet examination. We consider this problem in a game theoretic framework and introduce sampling schemes that are optimal in this game theoretic setting by the Minimax theorem and the max-flow rain-cut theorem. According to the limitation and scarcity of this single intrusion node method, we introduce a method of risk management and extend the solution to more complex cases to choose sampling strategy while facing more various environments. Finally, we provide an empirical study to exemplify our improved method.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.219.31.133