Creditability Problems in Intrusion Detection Systems

Cited by: 21
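Abstract: The paper first discusses the causes of the creditability crisis in current intrusion detection systems and concludes that, for the probability that an IDS alarm is credible to exceed 50%, the false alarm rate must be lower than the prior probability of intrusion. It then discusses the causes of false alarms in anomaly detection systems and in misuse detection systems. Finally, with reference to the AIIDS system the authors developed, it discusses possible methods for suppressing false alarms, focusing on two: filtering system call data with a hidden Markov model to increase the relative conditional entropy, and a cooperative signal mechanism, built from the definition of intrusion and inspired by the mechanisms of the immune system, that curbs false alarms.

The reasons for the creditability crisis in available intrusion detection systems are discussed, and it is explained how a high false positive rate and a low intrusion base rate make IDSs undependable. Then the causes of the high false positive rate in both misuse detection systems and anomaly detection systems are given. Finally, some methods are presented to reduce the false positive rate.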
Source: Journal of Computer Research and Development (《计算机研究与发展》; indexed in EI, CSCD, PKU Core), 2003, No. 8, pp. 1203-1208 (6 pages)
Funding: National "863" High Technology Research and Development Program of China (2001AA142100B); Natural Science Foundation of Guangdong Province (021282)
Keywords: intrusion detection; false positive rate; creditability; intrusion detection system (IDS)
