Abstract
Most intrusion detection systems (IDSs) implemented internationally to date are based on misuse detection. Anomaly detection, especially network-based anomaly detection, is not yet mature, and improving its accuracy, efficiency, and usability remains a research challenge. This paper presents FJADA, a network-oriented anomaly detection algorithm that draws on fuzzy mathematics. The algorithm applies fuzzy comprehensive judgement to evaluate the "anomaly degree" of a network connection and thereby decides whether the connection is intrusive. Experiments show that the method can detect unknown intrusions and that its accuracy is high.
Source
Journal of Computer Research and Development (《计算机研究与发展》)
EI
CSCD
Peking University Core Journal
2003, Issue 6, pp. 776-783 (8 pages)
Funding
National Natural Science Foundation of China project (90104031)
Keywords
intrusion detection
misuse detection
anomaly detection
fuzzy judgement
linguistic variable