检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]天津理工大学计算机系,天津300191 [2]北京信息工程学院计算机信息系统系,北京100101
出 处:《天津大学学报》2006年第B06期375-378,共4页Journal of Tianjin University(Science and Technology)
基 金:国家自然科学基金(66272011).
摘 要:异常检测可以认为是通过对用户正常行为及系统正常应用环境的学习来识别异常的过程.由于系统及应用环境的复杂性,异常检测还难以达到很高的识别精度.为此,针对在物理上与Internet网完全隔离的计算机网络应用环境,亦即内网,提出基于mobile agent(MA)的多层次入侵检测架构,利用自组织映射网络方法,在不同层次的agent中建立二堆网格的自组织映射网络模型,分别检测目标系统不同层次上的异常现象.实验结果表明,在入侵者攻击的持续时间内,本系统通过多次采样的办法可以使检测率提高到满意的程度.Abnormal detection is considered as a process of recognizing the anomaly by learning to characterize the norm behaviors of user and system application environment. Because of complexity of application on network, it is difficult to improve the precision of abnormal detection. A multiple-layer architecture based on mobile agent(MA) for intrusion detection is presented in the computer network environment isolated with the Internet, which is often called isolated network. It utilizes the methodology of self-organizing map (SOM) neural network to build the two-dimension grid model of SOM neural network and detect the anomaly of the object system on different layers. The experiment shows that this multiple-layer architecture can improve the rate of intrusion detection by sampling time after time in the duration of the network attacked.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.64