| 基于误用和异常技术相结合的入侵检测系统的设计与研究 |
| |
| 引用本文: | 田俊峰,张喆,赵卫东.基于误用和异常技术相结合的入侵检测系统的设计与研究[J].电子与信息学报,2006,28(11):2162-2166. |
| |
| 作者姓名: | 田俊峰 张喆 赵卫东 |
| |
| 作者单位: | 河北大学数学与计算机学院,保定,071002;河北大学数学与计算机学院,保定,071002;河北大学数学与计算机学院,保定,071002 |
| |
| 摘 要: | 目前,入侵检测系统(IDS) 的漏报率和误报率高一直是困扰IDS用户的主要问题,而入侵检测系统主要有误用型和异常型两种检测技术,根据这两种检测技术各自的优点,以及它们的互补性,将两种检测技术结合起来的方案越来越多地应用于IDS中。该文提出了基于统计的异常检测技术和基于模式匹配的误用检测技术相结合的IDS模型,减少了单纯使用某种入侵检测技术时的漏报率和误报率,从而提高系统的安全性。
|
| 关 键 词: | 入侵检测系统 异常检测 误用检测 模式匹配 统计分析 |
| 文章编号: | 1009-5896(2006)11-2162-05 |
| 收稿时间: | 2005-03-08 |
| 修稿时间: | 2005-09-26 |
The Design and Research of Intrusion Detection System
Based on Misuse and Anomaly |
| |
| Tian Jun-feng,Zhang Zhe,Zhao Wei-dong.The Design and Research of Intrusion Detection System
Based on Misuse and Anomaly[J].Journal of Electronics & Information Technology,2006,28(11):2162-2166. |
| |
| Authors: | Tian Jun-feng Zhang Zhe Zhao Wei-dong |
| |
| Institution: | College of Computer and Mathematics, Hebei University, Baoding 071002, China |
| |
| Abstract: | Currently, the false positive and the false negative of Intrusion Detection System are very high. It was always the main problem that bothered the user of IDS. But there are tow main technologies applied in IDS. To this problem, because both the technologies have its own advantages and they can supply for each other. So IDS combined with the tow technologies was used more and more widely. This paper presented a model of IDS based on combination of misuse detection and anomaly detection. In this model, misuse detection is based on pattern matching and Anomaly Detection is based on statistical analysis. It combined the tow technologies to reduce the false positive rate and the false negative rate in only one detection technology, and then to improve security of IDS. |
| |
| Keywords: | Intrusion Detection System (IDS) Anomaly detection Misuse detection Pattern matching Statistical analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《电子与信息学报》浏览原始摘要信息 |
| 点击此处可从《电子与信息学报》下载免费的PDF全文 |
