| 基于关联序列分析的协同攻击检测方法研究 |
| |
| 引用本文: | 经小川,胡昌振,谭惠民.基于关联序列分析的协同攻击检测方法研究[J].武汉理工大学学报,2004,26(6):78-81. |
| |
| 作者姓名: | 经小川 胡昌振 谭惠民 |
| |
| 作者单位: | 北京理工大学机电工程与控制国家重点实验室,北京,100081 |
| |
| 摘 要: | 由于协同攻击的复杂性,使传统检测方法难以对其进行有效地检测。在对协同攻击行为的层次性和关联性的分析基础上,使用条件关联方法对协同攻击进行检测。提出了一种适于进行关联分析的攻击表达方式和攻击动作链条的搜索方法。实验结果表明该方法可有效的将协同攻击链分离出来。
|
| 关 键 词: | 入侵检测 协同攻击 关联分析 |
| 文章编号: | 1671-4431(2004)06-0078-04 |
| 修稿时间: | 2004年3月24日 |
Coordinated Attack Detection Based on Association Analysis |
| |
| JING Xiao-chuan,HU Chang-zhen,TAN Hui-min.Coordinated Attack Detection Based on Association Analysis[J].Journal of Wuhan University of Technology,2004,26(6):78-81. |
| |
| Authors: | JING Xiao-chuan HU Chang-zhen TAN Hui-min |
| |
| Abstract: | The complexity of coordinated attacks is difficult to detect efficiently by using the traditional methods such as misuse detection and anomaly detection.The coordinated attack is composed of many attack behaviors,among which there are some kinds of association.Based on the research work on the hierarchy and reciprocity of attack behaviors,this paper provides a solution for detecting coordinated attack with the conditional association method.A kind of attack representation that is suitable to association analysis has been introduced and the results of experiments have proved the feasibility of this method. |
| |
| Keywords: | intrusion detection coordinated attack association analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
