
Intrusion Detection Model Based on Variable-length Character Patterns and Its Simulating Analysis
Abstract: To address the shortcomings of fixed-length sequence patterns in characterizing sequence features, an algorithm for extracting variable-length sequence feature patterns is proposed, and a new intrusion detection model is designed on that basis. The model introduces the concept of state transition and combines pattern-matching detection with state-transition detection, overcoming the limitation of existing models that focus on detecting a single feature. Experiments confirm that, compared with single-feature detection, the model lowers the false-positive rate while maintaining the detection rate, and that the efficiency of the detection algorithm is acceptable.
Source: Journal of System Simulation (《系统仿真学报》; indexed in CAS, CSCD, Peking University Core), 2008, No. 22, pp. 6118-6121 (4 pages)
Funding: National "863" High-Tech Research and Development Program (2005AA147050)
Keywords: intrusion detection, system call, character pattern, state shift