| 一种基于HMM和遗传算法的伪装入侵检测方法 |
| |
| 引用本文: | 曾剑平,郭东辉.一种基于HMM和遗传算法的伪装入侵检测方法[J].小型微型计算机系统,2007,28(7):1210-1215. |
| |
| 作者姓名: | 曾剑平 郭东辉 |
| |
| 作者单位: | 1. 厦门大学,物理系EDA实验室,福建,厦门,361005;厦门睿智微电子技术有限公司,福建,厦门,361005
2. 厦门大学,物理系EDA实验室,福建,厦门,361005;厦门大学,电子工程系,福建,厦门,361005;厦门睿智微电子技术有限公司,福建,厦门,361005 |
| |
| 基金项目: | 教育部跨世纪优秀人才培养计划;人事部留学人员基金;福建省自然科学基金 |
| |
| 摘 要: | 针对目前伪装入侵检测算法在确定序列的滑动窗口长度中存在的主要问题,以及使得检测阈值的计算更加容易、精确,本文提出了一个新的伪装入侵检测算法-MDAA,它使用HMM(Hidden Markov Model)模型表示正常用户行为,通过计算模型的条件熵确定滑动窗口长度.实现了滑动窗口长度随不同的用户模型而自动变化,达到自适应参数调整的目的.采用遗传算法计算子序列相对用户模型的最大和最小似然值,从而将滑动窗口分割到的子序列转换成便于决策的量.在一个真实的伪装检测数据集上进行了实验,结果表明该方法能得到较好的性能,并且更能适应不同用户的伪装检测.
|
| 关 键 词: | 伪装入侵检测 遗传算法 |
| 文章编号: | 1000-1220(2007)07-1210-06 |
| 修稿时间: | 2006-04-26 |
Method for Masquerade Intrusion Detection Based on HMM and Genetic Algorithm |
| |
| ZENG Jian-ping,GUO Dong-hui.Method for Masquerade Intrusion Detection Based on HMM and Genetic Algorithm[J].Mini-micro Systems,2007,28(7):1210-1215. |
| |
| Authors: | ZENG Jian-ping GUO Dong-hui |
| |
| Affiliation: | 1.EDA Lab, Physics Department, Xiamen University, Xiamen 361005, China; 2.Department of Electronic Engineering, Xiamen University, Xiamen 361005,China;3.Xiamen RichlT Microelectronics LTD, Xiamen 361005, China |
| |
| Abstract: | A new detection method,MDAA,is proposed to solve the problems in determining the sliding window size and make it easily in selecting a precise decision value for current detection algorithms.In MDAA,HMM(Hidden Markov Model) is used to model the users' normal action.Sliding window size is determined by computing condition entropy of the model,thus the size can be adaptive to different users.Genetic algorithm is used to compute the maximal and minimal likelihood of sequence,and then the sequence can be transformed to a value that is more easily to be judged.Experiments on a real world data set show that the MDAA can get a better performance,and also it can be more adaptive to different users. |
| |
| Keywords: | HMM |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
