| 数据融合的协同网络入侵检测 |
| |
| 引用本文: | 张巍,滕少华,傅秀芬. 数据融合的协同网络入侵检测[J]. 计算机应用, 2009, 29(1): 284-287, |
| |
| 作者姓名: | 张巍 滕少华 傅秀芬 |
| |
| 作者单位: | 广东工业大学广东工业大学广东工业大学 |
| |
| 基金项目: | 广东省自然科学基金,广州市越秀区科技计划 |
| |
| 摘 要: | 探讨并建立了一个基于多代理和数据融合技术的协同网络入侵检测模型,给出了协同网络入侵检测模型的体系结构及其组件,论述了从网络数据包中提取内容、网络连接与网络通信三种特征,生成可疑入侵事件,设计并实现了入侵事件检测代理(基于特征的检测代理和基于统计的检测代理),通过融合中心进一步改善了检测效果,实验结果表明了该模型的有效性。
|
| 关 键 词: | 数据融合 多代理 事件 协同检测 特征 入侵检测 |
| 收稿时间: | 2008-09-16 |
Cooperative network intrusion detection based on data fusion |
| |
| ZHANG Wei,TENG Shao-hua,FU Xiu-fen. Cooperative network intrusion detection based on data fusion[J]. Journal of Computer Applications, 2009, 29(1): 284-287, |
| |
| Authors: | ZHANG Wei TENG Shao-hua FU Xiu-fen |
| |
| Affiliation: | Faculty of Computer;Guangdong University of Technology;Guangzhou Guangdong 510006;China |
| |
| Abstract: | Based on multi-agents and data fusion, a model of cooperative network intrusion detection was built. Its architecture and components were given. The content features, intrinsic features and traffic features were extracted from network packets for network intrusion detection. A group of detection agents for intrusion events were designed and implemented. They were classified into feature-based detection agents and statistic-based detection agents. Fusion center was used to improve the detection effect. At last, this model was verified by experiments. |
| |
| Keywords: | data fusion multi-agent event cooperative detection feature intrusion detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
