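Abstract
Cost sensitivity is applied to alert correlation: a Bayesian network is used to judge the cost of each alert, and the cost-aware component is placed into the overall correlation framework in order to reduce alert correlation time and improve response speed. Experimental results show that the method can effectively separate out the important alerts.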
Since different types of attacks aimed at different computers cause different damage, the authors propose the concept of cost sensitivity in alert correlation and judge the alert cost based on a Bayesian network, which is inserted into the correlation process. This can speed up the correlation and allow a rapid response. Empirical experiments show that this method can separate the important alerts correctly.
Source
Journal of Changsha University of Electric Power: Natural Science (《长沙电力学院学报(自然科学版)》)
2005, No. 3, pp. 69-72 (4 pages)
Funding
Hunan Province Science and Technology Key Project (04GK3022)
Supported by the Dongguan Scientific Research Development Fund (2004B1037)
Keywords
intrusion detection
alert correlation
Bayesian network
cost-sensitive