| 基于指数熵的蠕虫病毒检测方法 |
| |
| 引用本文: | 牛子曦,罗作民,张亚玲.基于指数熵的蠕虫病毒检测方法[J].计算机工程与设计,2008,29(24). |
| |
| 作者姓名: | 牛子曦 罗作民 张亚玲 |
| |
| 作者单位: | 西安理工大学计算机学院,陕西西安,710048 |
| |
| 基金项目: | 陕西省教育厅基金项目
|
| |
| 摘 要: | 在传统的入侵检测理论的基础上,研究了统计学概念模型系统熵,并结合蠕虫病毒的行为特征提出了指数熵概念,从异常检测的角度对蠕虫病毒采取了一种新型扼制方法.该方法的具体实施是建立完整的指数熵理论,推导出实用的熵值计算公式,结合局域网蠕虫病毒入侵检测技术,开发了高教的蠕虫病毒检测应用程序.实验结果表明,该方法可以检测到网络蠕虫,且具有较高的效率和较低的漏报率.
|
| 关 键 词: | 指数熵 蠕虫病毒 入侵检测 网络安全 检测算法 |
Worm detection based on exponent entropy |
| |
| NIU Zi-xi,LUO Zuo-min,ZHANG Ya-ling.Worm detection based on exponent entropy[J].Computer Engineering and Design,2008,29(24). |
| |
| Authors: | NIU Zi-xi LUO Zuo-min ZHANG Ya-ling |
| |
| Affiliation: | NIU Zi-xi,LUO Zuo-min,ZHANG Ya-ling(Institute of Computer Science,Xi'an University of Technology,Xi'an 710048,China) |
| |
| Abstract: | Based on the traditional theory of IDS,the system entropy is studied,which come from statistics model,combining the worm behaviors characteristic the exponent entropy conception is put forward,a new inhibiting method is proposed from the anomaly detection point of view.The concrete implementation of this method is build the integrity exponent entropy theory,deduced practical entropy value calculate formula,combined LAN worm IDS technology and developed worm detection applied program.The output of the progra... |
| |
| Keywords: | exponent entropy worm intrusion detection web security detection algorithm |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
