| 因果告警相关方法在入侵检测系统中的应用与实现 |
| |
| 引用本文: | 王泽平,秦拯.因果告警相关方法在入侵检测系统中的应用与实现[J].计算机科学,2008,35(6):280-282. |
| |
| 作者姓名: | 王泽平 秦拯 |
| |
| 作者单位: | 湖南大学软件学院,长沙,410082 |
| |
| 基金项目: | 国防科工委基础科研规划项目
,
湖南省科技计划
,
广东省科技厅科技计划
,
广东省东莞市科技基金 |
| |
| 摘 要: | 针对某公司入侵检测系统产品误警率高,将因果告警相关方法融入到原系统中,对告警信息进行相关分析.利用DARPA 2000入侵检测场景数据集LLDOS1.0对新系统进行实验验证,结果表明,通过新系统可有效降低误警率,并可用图形的形式显示告警信息之间的因果相关关系,形象揭示出攻击者的攻击过程与攻击策略.
|
| 关 键 词: | 入侵检测 因果关系 告警相关 |
Application and Implementation of Causal Alert Correlation Method in Intrusion Detection System |
| |
| WANG Ze-ping,QIN Zheng.Application and Implementation of Causal Alert Correlation Method in Intrusion Detection System[J].Computer Science,2008,35(6):280-282. |
| |
| Authors: | WANG Ze-ping QIN Zheng |
| |
| Abstract: | Against a company intrusion detection system products superintendent high rate of false will cause alert correlation method into the original system,the alert correlation information is analyzed. Using 2000 DARPA intrusion detection scenario-specific datasets LLDOS1.0 for experimental verification of the new system,the results show that the new system can effectively reduce false alert rate and can be used to graphically display alert information in the form of a causal relationship,the image reveals an att... |
| |
| Keywords: | Intrusion detection Causal relationship Alert correlation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机科学》浏览原始摘要信息 |
|
点击此处可从《计算机科学》下载全文 |
|
