期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于隐马尔可夫模型的入侵检测系统 被引量:9

An Intrusion Detection System Based on Hidden Markov Model
在线阅读 下载PDF
导出
摘要 首先介绍了基于隐马尔可夫模型(HMM)的入侵检测系统(IDS)框架,然后建立了一个计算机系统运行状况的隐马尔可夫模型,最后通过实验论述了该系统的工作过程。通过仅仅考虑基于攻击域知识的特权流事件来缩短建模时间并提高性能,从而使系统更加高效。实验表明,用这种方法建模的系统在不影响检测率的情况下,比传统的用所有数据建模大大地节省了模型训练的时间,降低了误报率。因此,适合用于在计算机系统上进行实时检测。 The paper presents the framework of the Intrusion Detection System(IDS) based on hidden Markov model(HMM).Then,a hidden Markov model for the normal states of computer system is proposed.Finally,the work procedure of the proposed system is described by experiment.It proposes an effective IDS that improves the modeling time and performance with only considering the events of privilege flows based on the domain knowledge of attacks.Experimental results show that the proposed method requires significantly shorter time to train HMM without loss of detection rate and significantly reduces the false alarm rate than the other modeling method using all audit data.This method is not only useful in theory,but also can be used in practice to monitor the computer system in real time.
作者 杨新旭 王长山 王东琦 郑丽娜
机构地区 西安电子科技大学计算机学院 南京邮电学院计算机科学与技术系
出处 《计算机工程与应用》 CSCD 北大核心 2005年第12期149-151,共3页 Computer Engineering and Applications
关键词 入侵检测 隐马尔可夫模型(HMM) 特权流 intrusion detection,Hidden Markov Model(HMM),privilege flow
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献5

  • 1卢坚,毛兵,孙正兴,张福炎.一种改进的基于说话者的语音分割算法[J].软件学报,2002,13(2):274-279. 被引量:17
  • 2Mukkamala S,Janoski G,Sung A H.Intrusion Detection Using Neural Networks and Support Vector Machines[C].In:Proceedings of IEEE International Joint Conference on Neural Networks,2002:1702~1707.
  • 3Dit-Yan Yeung,Yuxin Ding. Host-based intrusion detection using dynamic and static behavioral models[J].Pattern Recognition,2003 ;36:229~243.
  • 4S Jha, K Tan, RA Maxion. Markov Chains, Classifiers, and Intrusion Detection[C].In: Computer Security Foundations Workshop, 2001 Proceedings 14th IEEE,2001.
  • 5Alexandr Seleznyov,Vagan Terziyan,Seppo Puuronen.Temporal-Probabilistic Network Approach for Anomaly Intrusion Detection[C].In:12th Annual Computer Security Incident Handling Conference,Chicago,USA,2000.

二级参考文献11

  • 1Delacourt, P., Wellekens, C.J. DISTBIC: a speaker-based segmentation for audio data indexing. Speech Communication, 2000,32(1~2):111~126.
  • 2Guo, Xue-feng, Zhu, Wei-bin, Shi, Qiu. The IBM LVCSR system used for 1998 Mandarin broadcast news transcription evaluation. In: Proceedings of the 1999 DARPA Broadcast News Workshop. 1999. http://www.nist.gov/.
  • 3Bakis, R., Chen, S., Gopalakrishnan, P.S., et al. Transcription of broadcast news shows with the IBM large vocabulary speech recognition system. In: Proceedings of the DARPA Speech Recognition Workshop. Chantilly, 1997. 67~72.
  • 4Wegmann, S., Zhan, P., Gillick, L. Progress in broadcast news transcription at Dragon systems. In: Proceedings of the ICASSP'99, Vol. 1. Phoenix, Arizona: IEEE. 1999. 33~36.
  • 5Siegler, M.A., Jain U., Raj, B., et al. Automatic segmentation, classification, and clustering of broadcast news audio. In: Proceedings of the DARPA Speech Recognition Workshop. Chantilly, 1997. 97~99.
  • 6Cover, T.M., Tomas, J.A. Elements of Information Theory. New York: John Wiley & Sons, 1991. 1197-1208.
  • 7Gish, H., Schmidt, N. Text-Independent speaker identification. IEEE Signal Processing Magazine, 1994,11(4):18~32.
  • 8Chen, S.S., Gopalakrishnan, P.S. Clustering via the bayesian information criterion with applications in speech recognition. In: Proceedings of the ICASSP'98, Vol. 2, Seattle, Washington: IEEE, 1998. 645~648.
  • 9Schwarz, G. Estimating the dimension of a model. The Annuals of Statistics, 1978,6:461~464.
  • 10Delacourt, P., Wellejkens, C.J. Audio data indexing: use of second-order statistics for speaker-based segmentation. In: Proceedings of the IEEE International Conference on Multimedia Computing and Systems (ICMCS'1999), Vol.2. Florence, Italy: IEEE, 1999. 959~963.

共引文献16

同被引文献76

引证文献9

二级引证文献37

计算机工程与应用
2005年 第12期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部