
An integrated model based on misuse detection and anomaly behavior detection (cited by: 13)
Abstract: To address the low detection rates and high false positive rates that are common in intrusion detection, an intrusion detection system (IDS) model is proposed that combines a detection method based on a multi-dimensional hidden Markov model with misuse detection based on the Apriori algorithm. The new model reduces the false negative and false positive rates that arise when a single intrusion detection technique is used on its own. In the anomaly detection module, a new detection method that combines the hidden Markov model with a naive Bayesian classifier is used to process time-correlated multi-dimensional sequences, which improves system security and detection efficiency. Evaluation on the KDD Cup99 data set shows that the new model achieves a detection rate of 93.12% and a false positive rate of 0.46%, and can effectively detect intrusion behavior in network data.
Source: Journal of Chongqing University of Posts and Telecommunications (Natural Science Edition), PKU Core journal, 2012, No. 1, pp. 73-77 (5 pages)
Funding: Harbin Engineering University Master's Graduate Training Fund
Keywords: intrusion detection; misuse detection; anomaly behavior