Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (7): 107-109. DOI: 10.3778/j.issn.1002-8331.2010.07.032
• Network, Communication, Security •
王 琢,范九伦,刘建华
WANG Zhuo, FAN Jiu-lun, LIU Jian-hua
Abstract: To address the drawbacks of existing attribute-difference-based algorithms for aggregating intrusion detection system alerts, an improved attribute-difference-based alert aggregation algorithm is proposed. The method is simple and intuitive. Experimental results on the DARPA2000 IDS test dataset demonstrate the effectiveness of the algorithm.
Key words: intrusion detection, attribute difference, alert aggregation
CLC number: TP393.08
WANG Zhuo, FAN Jiu-lun, LIU Jian-hua. Improved aggregation algorithm for intrusion-detection alerts[J]. Computer Engineering and Applications, 2010, 46(7): 107-109.
Link to this article: http://cea.ceaj.org/CN/10.3778/j.issn.1002-8331.2010.07.032
http://cea.ceaj.org/CN/Y2010/V46/I7/107