| 一种基于多参数的IDS决策过程研究 |
| |
| 引用本文: | 杨鹍,罗光春,卢显良.一种基于多参数的IDS决策过程研究[J].电子科技大学学报(自然科学版),2006,35(5):801-803,810. |
| |
| 作者姓名: | 杨鹍 罗光春 卢显良 |
| |
| 作者单位: | 1.电子科技大学信息中心 成都 610054 |
| |
| 摘 要: | 讨论了将数据融合技术运用到入侵检测系统中的方法,并提出了一个基于数据融合技术的入侵检测机制-DFIDM。在该机制中,有多个检测器搜集系统日志文件、网络流量信息、网络数据包等数据,这些数据在通过了本地决策、数据提取和对象提取阶段等预处理过程之后,传送到融合中心进行决策,重点研究了决策过程所涉及的多参数问题。为此,系统设计了检测器可靠性、时间因素、空间因素等五个主要因素参与融合与决策。最后通过实验证明,采用了该机制的入侵检测系统具有更好的准确性。
|
| 关 键 词: | 多参数 入侵检测 决策 准确性 |
| 收稿时间: | 2005-01-04 |
| 修稿时间: | 2005-01-04 |
Research on Decision-Making of IDS with Multiple Parameters |
| |
| YANG Kun,LUO Guang-chun,LU Xian-liang.Research on Decision-Making of IDS with Multiple Parameters[J].Journal of University of Electronic Science and Technology of China,2006,35(5):801-803,810. |
| |
| Authors: | YANG Kun LUO Guang-chun LU Xian-liang |
| |
| Affiliation: | 1.Information Centre,Univ. of Electron. Sci. & Tech. of China Chengdu 610054 |
| |
| Abstract: | This paper introduces a method of intrude detection based on data fusion, and presents a new mechanism-DFIDM. In DFIDM, a few of sensors are configured to collect data, such as log file, information of network traffics and data package of network. After some pretreatments such as local decision-making, Data refinement, and object refinement, these data will be transferred to fusion center. In this paper, we mainly research the multiple parameters of final decision-making, such as reliability of sensors, the factor of time, the factor of space. As it showed by the research result this mechanism can improve the veracity of IDS. |
| |
| Keywords: | multiple parameters intrusion detection decision-making veracity |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《电子科技大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《电子科技大学学报(自然科学版)》下载全文 |
|
