摘要
入侵特征由系统属性和事件序列组成,时序关系是描述它们的关键。ISITL是一种基于Allen的时段时态逻辑和一阶谓词逻辑的入侵特征形式化描述语言,它将系统属性和事件与相应的时段紧密相连,时段间的相互关系用13个基本函数和3个扩展函数来描述。在基于多代理的计算机免疫系统MACIS中,根据ISITL描述设计的检测器确保了较低的“漏报率”和“误报率”。
Intrusion signatures are usually composed of the system attributes and event sequences,in which time plays a critical role.Interval temporal logic based Intrusion signatures(ISITL)is a high-abstractive formal description language for representing intrusion signatures.It binds all system attributes and events with corresponding intervals,whose relations are specified by13basic functions and3augmented real time predicates.According to the ISITL description,the detec-tors of multi-agent based computer immune system(MACIS)ensure a low false positive rate and false negative rate.
出处
《计算机工程与应用》
CSCD
北大核心
2003年第32期27-29,共3页
Computer Engineering and Applications
基金
国家自然科学基金资助(编号:60073074)
关键词
形式化描述
入侵特征
时段时态逻辑
免疫系统
Formal Description,Intrusion Signatures,Interval Temporal Logic,Immune system