摘要
提出一种基于统计方法的入侵检测模型。审计记录是入侵检测模型实施的依据,文章使用神经网络技术训练审计记录,获得每个属性的正常区间,通过区间选取算法。得到阀值向量,结合加权特征向量和伯努利向量,进行加权入侵得分的计算和疑义商的计算,疑义商就是本模型判断入侵的依据,根据专家的经验,设置相应的阀值就可以自动地实现入侵报警。
This text then puts forward an intrusion detection model. This text uses the neural network technique to train these audit records, and then gets the normal zone of each attribute. It will get value vector by computing the zone selection algorithm. Then we can compute the weighted intrusion score and the suspicion quotient by putting the weighted vector and the Bernoulli vector together. The suspicion quotient is a basis to judge whether an intrusion has happened or not. The bigger the value of the suspicion quotient is, the more possibility of an intrusion. According to the experiences of the experts in this field, the model will alarm automatically if we configure the corresponding values.
出处
《微电子学与计算机》
CSCD
北大核心
2006年第12期203-205,共3页
Microelectronics & Computer
基金
浙江省教育厅科研项目(20060441)
关键词
统计方法
入侵检测
神经网络
疑义商
Statistics, Intrusion detection, Neural network, Suspicion quotient
