Computer Engineering and Applications ›› 2007, Vol. 43 ›› Issue (14): 120-123.
• 网络、通信与安全 • Previous Articles Next Articles
jisai Shen-fang YUAN Guan-sheng ZHENG wei TIAN
Received:
Revised:
Online:
Published:
Contact:
季赛 袁慎芳 郑关胜 田伟
通讯作者:
Abstract: A method of intrusion detection, which based meta-information rough-sets theory, is proposed. The sequence of system calls are converted into the subsequences of shorter length, and decision rules for intrusion detection are extracted and induced. Subsequences length and average accuracy values are compared under classification method with default rule. Experiments show that this intrusion detection method can have low false positive and high detection rate.
摘要: 本文采用不同长度的滑窗对系统调用进程生成短序列,并利用基于元信息的粗糙集方法提取最小的入侵检测规则,从而实现入侵检测。分析了在含有默认规则的检测方法下,滑窗长度和平均检测率以及规则数目之间的变化,实验结果表明该方法具有较高的平均检测率和检测速度。
jisai Shen-fang YUAN Guan-sheng ZHENG wei TIAN. Research of Rough Set and System Call Based Intrusion Detection[J]. Computer Engineering and Applications, 2007, 43(14): 120-123.
季赛 袁慎芳 郑关胜 田伟. 基于粗糙集和系统调用的入侵检测研究[J]. 计算机工程与应用, 2007, 43(14): 120-123.
0 / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://cea.ceaj.org/EN/
http://cea.ceaj.org/EN/Y2007/V43/I14/120
