| 警报信息实时融合处理技术研究与实现 |
| |
| 引用本文: | 段祥雯,杨兵,张怡.警报信息实时融合处理技术研究与实现[J].计算机安全,2011(7):2-9. |
| |
| 作者姓名: | 段祥雯 杨兵 张怡 |
| |
| 作者单位: | 国防科学技术大学计算机学院,湖南长沙,410073 |
| |
| 基金项目: | 国家”863”高技术研究发展计划资助项目(2009AA01Z432) |
| |
| 摘 要: | 针对分布式入侵检测和网络安全预警所需要解决的问题,对多传感器数据融合技术进行了研究.在分析IDS警报信息之间各种复杂关系的基础上,提出了一个警报信息实时融合处理模型,并根据该模型建立警报信息融合处理系统.实时融合来自多异构IDS传感器的警报信息,形成关于入侵事件的攻击序列图,并在此基础上进行威胁评估及攻击预测.该模型中...
|
| 关 键 词: | 入侵检测 警报关联 警报融合 |
Research and Realization of the Technology Real-time Fusing Alerts Information |
| |
| DUAN Xiang-wen,YANG Bing,ZHANG Yi.Research and Realization of the Technology Real-time Fusing Alerts Information[J].Network & Computer Security,2011(7):2-9. |
| |
| Authors: | DUAN Xiang-wen YANG Bing ZHANG Yi |
| |
| Affiliation: | DUAN Xiang-wen,YANG Bing,ZHANG Yi (School of Computer Science,National University of Defense Technology,Changsha,Hunan 410073,China) |
| |
| Abstract: | To resolve the problem which distributed intrusion detection and network attack warning system has to confront, multi-sensor data fusion techniques are studied in this paper. Based on the analysis of various complex relationships of IDS alerts, this paper presents an alerts information real-time fusion model. An alerts information real-time fusion system based on it is realized, which can real-time fuse alarms from various heterogeneous IDS sensors, generate attack sequence view about intrusion ,evaluate th... |
| |
| Keywords: | Intrusion detection Alert correlation Alert fusion |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
