Abstract
An anomaly analysis method based on intrusion statistics is presented for detecting macro-level anomalies. In deployments of distributed intrusion detection systems, the monitoring center often accumulates large volumes of alert data that cannot be processed and responded to in time. To improve the efficiency and accuracy of intrusion analysis, the authors extract feature values such as intrusion intensity and the number of intruding entities from the alert data and use statistical analysis to detect anomalies. Application results show that the approach provides an effective new method for discovering macro-level anomalies in large-scale intrusion detection systems.
Source
《计算机工程与应用》
CSCD
PKU Core Journal (北大核心)
2002, Issue 22, pp. 48-50 (3 pages)
Computer Engineering and Applications
Funding
Ministry and commission pre-research fund project