检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]哈尔滨工程大学计算机科学与技术学院,黑龙江哈尔滨150001
出 处:《哈尔滨工程大学学报》2004年第1期80-84,共5页Journal of Harbin Engineering University
摘 要:传统入侵检测系统的攻击模型库需要专家手工建立,不利于系统的推广和应用.为了实现入侵检测系统中入侵特征提取和攻击规则生成的自动化,提出将遗传算法应用于入侵检测规则学习问题中.采用遗传进化操作启发式搜索网络特征数据空间,通过操作算子进行遗传运算,产生出具有高适应度的个体,从而自动归纳出某种入侵的共同属性.采用DARPA入侵检测评价计划数据库进行了仿真实验,该方法归纳总结出的攻击特征符合客观事实,与专家建立的攻击规则一致,并且较好地处理了噪音数据,具有鲁棒性.误用检测模型自适应建立算法能够在无专家参与的情况下自动建立攻击类型库,增强了入侵检测系统的可移植性.The attack model bases of traditional intrusion detection systems are manually built, hampering the popularization and application of such systems. A study was conducted to realize the automation of intrusive feature extraction and attack rule generation. An adaptive method based on genetic algorithms was presented for learning the intrusion detection rules. This method uses heuristic search in the data space of network features. The genetic operations run through some operators. The individuals with high fitness produced, and the same attributes of an intrusion are found. In the simulations and experiments the features of an attack are summarized inductively through the databases of the DAPRA Intrusion Detection Evaluation Program, and it accorded with the objectivity and attack rule summarized by research experts. This method can process the noise data with robustness. The adaptive method for building misuse detection models can automatically create the model bases of attacks and strengthen the transplantation of intrusion detection systems.
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.3