
Method for Masquerade Intrusion Detection Based on HMM and Genetic Algorithm (cited by: 2)
Abstract: To address the main problems that current masquerade intrusion detection algorithms have in determining the sliding window length over a sequence, and to make the detection threshold easier and more precise to compute, this paper proposes a new masquerade intrusion detection algorithm, MDAA. MDAA uses an HMM (Hidden Markov Model) to represent a user's normal behavior and determines the sliding window length by computing the conditional entropy of the model, so the window length changes automatically with each user's model, achieving adaptive parameter adjustment. A genetic algorithm computes the maximum and minimum likelihood of a subsequence relative to the user model, which converts each subsequence cut out by the sliding window into a quantity that is easier to base a decision on. Experiments on a real masquerade detection data set show that the method achieves good performance and adapts better to masquerade detection for different users.
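Source: Journal of Chinese Computer Systems (《小型微型计算机系统》), indexed in CSCD and the PKU Core list (北大核心), 2007, No. 7, pp. 1210-1215, 6 pages in total.
Funding: Supported by the New Century Talents Program of the Ministry of Education of China, the Entrepreneurship Fund for Returned Overseas Scholars of the Ministry of Personnel of China, and the Natural Science Foundation of Fujian Province (A0410007).
Keywords: HMM (hidden Markov model), masquerade intrusion detection, genetic algorithm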
