基于误用行为分析的网络前馈式入侵检测仿真  被引量:5

Simulation of Feed Forward Network Intrusion Detection Based on Misuse Behavior Analysis

在线阅读下载全文

作  者:张秀荣[1] 

机构地区:[1]内蒙古民族大学传媒学院,内蒙古通辽028043

出  处:《计算机仿真》2014年第7期317-320,共4页Computer Simulation

基  金:国家自然科学基金资助项目(61163034)

摘  要:研究网络前馈式入侵行为检测问题,由于网络前馈式入侵行为与传统入侵行为最大的区别在于包含了众多不相干信息,形成了疑似多攻击环境,形成干扰。传统的入侵特征的检测需要逐个排除可疑入侵特征,需要对比大量的先验知识或历史知识,存在检测效率过低的问题。提出了融合误用行为分析的网络前馈式入侵检测方法,分析了检测网络误用行为的过程,依据网络误用行为会破坏数据包流量均衡的特征,设置网络误用行为相关性命题,采用概率论中的假设检验,针对网络误用行为,若置信区间不包含零点,说明网络存在前馈式入侵行为;否则网络不存在前馈式入侵行为。实验结果表明,改进方法有效解决多数据包协同合作的入侵问题,相比传统方法,检测速度和检测准确率明显较高。Feed forward network intrusion behavior detection was studied. In this paper, a new method fused with misuse behavior analysis for feed forward network intrusion detection was proposed. In this method, the process of detecting network misuse behavior was analyzed. On the basis of the balanced feature that network misuse behavior can destroy the data packet flow, the proposition correlated with network misuse behavior was set up. Meanwhile, hypothesis test of probability theory was used. For the network misuse behavior, if null point is not included in the confidence interval, it means that feed forward intrusion behavior exists in network ; otherwise, the feed forward intrusion behavior did not exist in network. The experimental results show that the improved method can effectively solve the in- trusion problem of multiple packets collaboration. Compared with traditional methods, the detection speed and accuracy of this method are quite high.

关 键 词:误用行为 网络前馈式 入侵检测 

分 类 号:TP311[自动化与计算机技术—计算机软件与理论]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象