检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:李丛[1]
出 处:《计算机与数字工程》2012年第12期123-125,共3页Computer & Digital Engineering
摘 要:入侵检测系统是保护网络安全的重要手段,是一种基于入侵行为发现的主动保护、免受攻击的网络安全技术。而防火墙等传统的入侵检测系统在有效性、适应性和可扩展性方面都存在不足,尤其是在遇到新的入侵类型时变得无能为力。文章在对入侵检测基本知识等进行介绍的基础上,依据在网络数据包中发现的频繁情节,设计了基于HMM的误用检测模型,实现了在没有任何手工规则的前提下,仅根据网络数据包的特征,就能较为准确地检测出已知的和未知的攻击。通过实验表明,该文提出的方案能较好地检测复杂网络的攻击。Intrusion detection system is an important means to protect network security and a network security technology which can protect network from attack based on intrusion detection. Traditional intrusion detection systems such as firewall lack effectiveness, adaptability and extensibility, and especially, they become ineffective in the face of new kind of attacks. After introducing the basic knowledge about intrusion detection, this dissertation designs misuse intrusion detection model based on HMM according to the frequent episodes discovered in the network data packets. The model is able to detect known and unknown attacks only based on the features of the data without any manual rules. Experimental evaluation shows that the model proposed in the dissertation are more efficient and effective.
分 类 号:TP393.1[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.142.244.250