| 确定性退火算法在"伪装"入侵行为检测中的应用 |
| |
| 引用本文: | 赵俊忠,黄厚宽,田盛丰. 确定性退火算法在"伪装"入侵行为检测中的应用[J]. 电子学报, 2004, 32(2): 303-305 |
| |
| 作者姓名: | 赵俊忠 黄厚宽 田盛丰 |
| |
| 作者单位: | 1. 北京航空航天大学理学院,北京 100083;2. 北方交通大学计算机与信息技术学院,北京 100044 |
| |
| 摘 要: | 本文提出了一种基于确定性退火算法的检测"伪装"入侵行为的方法.在该方法中,每一个用户被看作是一个离散变长记忆的平稳信源,被"伪装"的入侵者利用的账户所产生的命令行字符序列可以被看作是由该账户的相应用户和"伪装"的入侵者两个不同信源在不同时段活动的混合结果.我们通过对命令行字符序列的分析来重构原信源模型以判断是否存在入侵行为.实验结果表明该模型是可行的.
|
| 关 键 词: | 网络安全 入侵检测系统 信息率失真理论 确定性退火 |
| 文章编号: | 0372-2112(2004)02-0303-03 |
| 收稿时间: | 2002-12-26 |
Detecting Masquerades in Intrusion Detection Based on Deterministic Annealing |
| |
| ZHAO Jun zhong ,HUANG Hou kuan ,TIAN Sheng feng. Detecting Masquerades in Intrusion Detection Based on Deterministic Annealing[J]. Acta Electronica Sinica, 2004, 32(2): 303-305 |
| |
| Authors: | ZHAO Jun zhong HUANG Hou kuan TIAN Sheng feng |
| |
| Affiliation: | 1. School of Science,Beijing University of Aeronautics and astronautics,Beijing 100083,China;2. School of Computer and Information Technology,Northern Jiaotong University,Beijing 100044,China |
| |
| Abstract: | A new model based on deterministic annealing for detecting intruders/users masquerading as other users is presented.In our model,each user is viewed as a discrete stationary source with variable memory.A sequence of characters composed of command lines from a user's account is regarded as the result that is potentially generated by the user and the intruder in different period.We determine masquerades by finding the source(s) in the sequence.Our experiment shows that the model is feasible. |
| |
| Keywords: | network security intrusion detection system rate distortion theory deterministic annealing |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《电子学报》浏览原始摘要信息 |
|
点击此处可从《电子学报》下载全文 |
