检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]西安建筑科技大学管理学院,陕西西安710055
出 处:《系统工程与电子技术》2006年第12期1940-1944,共5页Systems Engineering and Electronics
基 金:陕西自然科学基金(2002G07);西安建筑科技大学基础研究基金项目(JC0616)资助课题
摘 要:为了克服预警系统普遍存在的有效记忆存储模式和预警反应模式缺失问题,降低虚警率和漏警率,通过分析Web攻击的一般过程和生物记忆的基本原理,建立了基于记忆原理的Web入侵预警系统模型。在该模型中,应用短时记忆容量限制理论来节省系统大量的存储空间,为系统的分布式扩展提供了良好的条件;应用长时记忆理论使系统能检测较长时间跨度的入侵行为;感应阈技术又能灵活调整系统的灵敏度。该系统建立在实时基础上,能及时有效地产生警报数据。实验检验证明系统能有效地对异常访问行为产生警报,变化形式灵活,对于短时间的爆发式异常访问和时间跨度比较大的异常访问行为都能给出准确的警报。To overcome the shortness of effective storage and early warning response mechanism in current early warning systems, and reduce frequency of void warning and leak warning, through analyzing general processes of Web attack and basic principles of biological memory, a system model of early warning for Web intrusion based on biological memory principles is established. In the model, the short-period memory capacity restricting theory is used to save a large mount of system storage space so as to provide a good condition for system distributed expansion; the long-period memory theory is used to detect intrusion behaviors with long-period span; the inductive valve technique is used to flexibly adjust sensitivity of system. The system is online built so that effective warning information is produced timely. Through application, the system is found to throw early warning signals on anomalous accesses effectively and timely, and has advantages of flexible warning, can pro duce accurate warning on anomalous accesses with short-period outburst and long-period span.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.31