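To address the high false-positive and false-negative rates common in intrusion detection, this paper proposes a new system intrusion detection method based on the hidden Markov model. The method takes as its object of study the system call sequences produced during normal program execution: it first builds a hidden Markov model of the computer's operating state and then, on the basis of this model, proposes an algorithm for real-time anomaly detection on computer systems. Experiments show that a system modeled in this way saves storage space compared with traditional data modeling, without affecting the detection rate, and achieves high accuracy.

Keywords: intrusion detection; anomaly detection; hidden Markov model (HMM)

Abstract: To solve the problems of a high false alarm ratio and self-adaptation, this paper proposes a new method for network intrusion detection based on an HMM. The method first studies the system call sequences in the normal execution of a program to establish an HMM of the normal behavior of the computer system, and then puts forward an anomaly detection algorithm. It is shown that this method increases accuracy and saves storage space without affecting the detection rate.

Keywords: intrusion detection; anomaly detection; hidden Markov model (HMM)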
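The general technique the abstract describes, scoring sliding windows of system calls by their likelihood under an HMM of normal behavior, is sketched below as an added example; it is not the paper's algorithm or parameters. The hand-set toy model, the window width of 6, the 0.25 margin and both traces are assumptions constructed for illustration.

```python
import math

# Constructed toy HMM (not parameters from the paper): 3 hidden states
# (opening, I/O, closing) over an alphabet of 4 system calls.
SYSCALLS = ["open", "read", "write", "close"]
PI = [0.8, 0.1, 0.1]
A = [[0.10, 0.80, 0.10],
     [0.05, 0.70, 0.25],
     [0.80, 0.10, 0.10]]
B = [[0.85, 0.05, 0.05, 0.05],
     [0.05, 0.50, 0.40, 0.05],
     [0.05, 0.05, 0.05, 0.85]]

def log_likelihood(obs):
    """Scaled forward algorithm: log P(obs | model) for a list of symbol indexes."""
    n = len(PI)
    alpha = [PI[i] * B[i][obs[0]] for i in range(n)]
    total = 0.0
    for t in range(len(obs)):
        if t:
            alpha = [sum(alpha[i] * A[i][j] for i in range(n)) * B[j][obs[t]]
                     for j in range(n)]
        scale = sum(alpha)
        total += math.log(scale)
        alpha = [x / scale for x in alpha]  # rescale to avoid underflow
    return total

def window_scores(trace, width=6):
    """Per-call log-likelihood of every sliding window; -inf if a call is unknown."""
    idx = [SYSCALLS.index(c) if c in SYSCALLS else None for c in trace]
    scores = []
    for k in range(len(idx) - width + 1):
        win = idx[k:k + width]
        scores.append(-math.inf if None in win else log_likelihood(win) / width)
    return scores

def fit_threshold(normal_trace, width=6, margin=0.25):
    """Lowest score seen on normal data minus a safety margin (assumed value)."""
    return min(window_scores(normal_trace, width)) - margin

def detect(trace, threshold, width=6):
    """Start offsets of windows the model finds too unlikely."""
    return [k for k, s in enumerate(window_scores(trace, width)) if s < threshold]

# Constructed traces, for illustration only.
CYCLE = ["open", "read", "read", "write", "close"]
NORMAL = CYCLE * 4
BURST = ["close", "read", "open", "close", "write", "open"]
SUSPECT = CYCLE * 2 + BURST + CYCLE
```

Calling `detect(SUSPECT, fit_threshold(NORMAL))` returns the start offsets of the windows that overlap the out-of-order burst, while the normal trace produces no alerts at the same threshold.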