| 高速网络环境下一种对入侵检测系统的改进方法 |
| |
| 引用本文: | 王阿婷,毕红军,刘云,司夏萌.高速网络环境下一种对入侵检测系统的改进方法[J].铁路计算机应用,2010,19(8):33-35. |
| |
| 作者姓名: | 王阿婷 毕红军 刘云 司夏萌 |
| |
| 作者单位: | 1. 北京交通大学,通信与信息系统北京市重点实验室,北京,100044
2. 北京交通大学,网络舆论安全研究中心,北京,100044 |
| |
| 摘 要: | 高速网络环境下,现有的入侵检测系统存在检测效率低、准确率低和丢包现象等问题。改进后的入侵检测系统先对数据包中的应用协议进行预处理,检测出比较明显的入侵特征。如果没有检测到,就利用基于决策树的模式匹配方法进行更进一步的检测。它可以提高检测速度和降低误报率,更加适应高速网络。
|
| 关 键 词: | 入侵检测 协议分析 决策树算法 |
Improved method of High-speed Network Intrusion Detection System |
| |
| WANG A-ting,BI Hong-jun,LIU Yun,SI Xia-meng.Improved method of High-speed Network Intrusion Detection System[J].Railway Computer Application,2010,19(8):33-35. |
| |
| Authors: | WANG A-ting BI Hong-jun LIU Yun SI Xia-meng |
| |
| Institution: | 1. Key Laboratory of Communication & Information Systems, Beijing Municipal Commission of Education,Beijing Jiaotong University, Beijing 100044, China; 2. Center for Security Studies Public Opinion, Beijing Jiaotong University, Beijing 100044, China) |
| |
| Abstract: | In high-speed network, the Current Intrusion Detection System had some deficiencies ,like low efficiency, low accuracy, losing packets. Considering to improve the System, do pretreatment with the protocol in packet first, in order to detect the obvious features of the invasion. And then, it was adopted the decision tree theory to do further detecting. The proposed method had the higher performance, reduced false positives and made intrusion Detection System more suitable to highspeed network. |
| |
| Keywords: | intrusion protocol analysis decision tree theory |
| 本文献已被 维普 万方数据 等数据库收录! |
|
