Computer Engineering and Applications ›› 2008, Vol. 44 ›› Issue (7): 136-138.
• 网络、通信与安全 • Previous Articles Next Articles
TAO Long-ming,SHI Zhi-cai,PENG Dan,MA Wu
Received:
Revised:
Online:
Published:
Contact:
陶龙明,史志才,彭 丹,马 武
通讯作者:
Abstract: Sophisticated network attacks are well disguised,durative and multi-stage;it can not be detected effectively by current intrusion detection technology.The native properties of sophisticated network attacks have been analyzed thoroughly in this paper,and then a detection model of sophisticated network attacks based on HMM is built.According to properties of sophisticated network attacks,lots of alarm sequences used by HMM are produced from different monitors distributed in real network.Experiments show that this model is effective in detecting sophisticated network attacks.
摘要: 对于隐蔽性强、持续时间长且分步完成的复杂网络攻击,现有的入侵检测技术仍无法有效地进行识别。详细地分析了复杂网络攻击的特征,并在此基础上建立了复杂网络攻击的HMM检测模型。通过关联分析不同网络监视器的报警事件,产生用于HMM模型训练及检测的报警序列,这些报警序列本质上反映了攻击者的行为。实验结果表明,该模型能较好地检测复杂网络攻击。
TAO Long-ming,SHI Zhi-cai,PENG Dan,MA Wu. Application of HMM to detecting sophisticated network attacks[J]. Computer Engineering and Applications, 2008, 44(7): 136-138.
陶龙明,史志才,彭 丹,马 武. HMM模型在检测复杂网络攻击中的应用[J]. 计算机工程与应用, 2008, 44(7): 136-138.
0 / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://cea.ceaj.org/EN/
http://cea.ceaj.org/EN/Y2008/V44/I7/136
