检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]天津理工大学智能计算与软件新技术重点实验室,天津300384 [2]天津理工大学省部共建教育部计算机视觉与系统重点实验室,天津300384
出 处:《天津理工大学学报》2010年第5期34-38,共5页Journal of Tianjin University of Technology
基 金:天津市教委滨海双百项目(SB20080055;SB20080053)
摘 要:提出了基于模式匹配与前馈式神经网络相结合的入侵检测模型.该模型运用分布式网络检测及分析系统HISTORY实现数据的采集,然后,对数据流进行数据结构转换预处理,并由模式匹配模块过滤掉部分已知入侵事件,减轻下一步入侵检测的负荷,从而提高入侵检测的效率和精准度.传统的单数据包检测只能检测孤立的入侵事件,而对于多数据包协同合作的入侵却显的无能为力.因此,本文入侵检测模块结合了单数据包检测和多数据包检测方法.实验结果表明:分析系统HISTORY的应用提高了数据处理的效率,多数据包检测弥补了单数据包检测中漏检的入侵事件,有效降低了入侵检测的漏检率.An intrusion detection model is proposed based on pattern matching and feed-forward neural network in this paper.In which,as a distributed network testing and analysis system,HISTORY is used to collect data.Then,the data stream is converted its' data structure for preprocessing.Some of the known intrusions are filtered out by pattern matching module,so that to reduce the load of the next step on intrusion detection,and the efficiency and accuracy of intrusion detection can be improved.The traditional single-packet inspection can only detect the intrusion that is an isolated incident,but is powerless for the collaborative multi-packets intrusion.Therefore,this paper combines single-packet inspection with multi-packet detection methods.The experimental results show that: the efficiency of data processing has been improved by the analysis system of HISTORY;the multi-packet inspection can remedy the shortage of the single-packet inspection;the loss detection rate is reduced effectively.
分 类 号:TP391.22[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.15