摘要
针对在网络入侵模式特征对比技术研究过程中,由于网络入侵形式呈现多样性和随机性,使得入侵网络模式特征过多时,特征模式匹配计算就过于繁琐,导致特征对比检测率低的问题。提出基于流量分析算法的网络入侵模式特征对比方法。先融合SOM神经网络建立网络入侵模式特征评价模型,再统计网络入侵检测中多个最优解的入侵模式特征出现的频率,利用频率筛选过程去除被选频率低于某一频率阈值的入侵模式特征,筛选出的每个网络入侵模式特征基参数进行差异补偿,将各个网络入侵模式特征基进行标准化融合处理,得到对于不同的攻击类型改进算法相比其它算法的检测率平均提高了15.4%。实验结果表明,基于流量分析的网络入侵模式特征对比方法大幅度的提升了网络入侵检测的效率。
In the study process of characteristic contrast technology of network intrusion model, because of the diversity and randomness of network intrusion form, the calculation of characteristic pattern matching is too complicated, which leads to the problem of low detection rate of characteristic contrast when the characteristic, of intrusion net- work model is too much. A characteristic contrast method of network intrusion model was proposed based on flow a- nalysis algorithm. Firstly, SOM neural network was fused to establish the characteristic evaluation model of network intrusion model, and then, the statistics of the appeared frequency of intrusion model characteristic of multiple optimal solutions in the network intrusion detection was carried out. Frequency screening process was used to remove the intrusion model characteristic, in which the selected frequency is below a certain threshold, and every selected characteristic base parameter of network intrusion model was compensated. The fusion processing of all characteristic base parameters of network intrusion model were standardized. The result shows that the detection rate using the improved algorithm for different intrusion types is higher than the other algorithms by 15.4%. Simulation experiment proves that the characteristic contrast method can greatly improve the efficiency of network intrusion detection.
出处
《计算机仿真》
CSCD
北大核心
2016年第4期352-355,共4页
Computer Simulation
关键词
特征对比
特征参数
入侵检测
Characteristic contrast
Characteristic parameter
Intrusion detection
