Abstract
Most intrusion detection systems use a single detection mode, which makes it difficult to handle missed alarms and false alarms and to identify unknown attacks. To address this, the paper analyzes the characteristics of different types of network traffic and proposes a hybrid intrusion detection system that combines a BP network, a genetic algorithm, and Snort. The system combines the advantages of anomaly detection and misuse detection and overcomes the shortcomings of a single detection mode. Experimental results show that the method effectively improves the detection rate and accuracy of the intrusion detection system.
Source
Communications Technology (《通信技术》)
2009, Issue 9, pp. 106-108 (3 pages)
Funding
Heilongjiang Institute of Science and Technology Research Start-up Fund for Introduced Talent (04-23)