摘要
计算机通信网络的安全防御措施-入侵检测系统作为现今研究的热点,入侵检测技术得到了前所未有的发展,尤其是模糊入侵检测技术。而模糊入侵检测存在误警率普遍较高的问题。通过对入侵检测算法的研究,针对模糊化所引起的问题,提出了协议分析与模糊综合评判相结合的检测算法,并将协议分析部分作为进行模糊综合评判的前提条件,即依据协议类型的不同采用了不同的权重向量和由单因素评判向量构成的评判矩阵的不同的模糊综合评判。实验结果证明,算法的检测效果较佳,问题解决且正好符合入侵检测系统所追求的,即检测率很高而误警率却是很低。
The security measures of computer communication network- intrusion detection system is presently a hotspot, and intrusion detection technology, especially fuzzy intrusion detection technology has got an unprecedented development. But there is generally a problem of high rate of false alarm. Through studying intrusion detection algo- rithms, aiming at the problem cased by fuzzy technique, the paper proposes a detection algorithm by combining proto- col analysis with fuzzy comprehensive evaluation, and the algorithm carries out protocol analysis before fuzzy compre- hensive evaluation, that's to say, according to different types of protocol, different weight vectors and different fuzzy comprehensive evaluations based on evaluation matrix composed of vectors judged by a single factor are adopted. The results show that this method results in better detection, has very high detection rate and very low false alarm rate.
出处
《计算机仿真》
CSCD
北大核心
2009年第10期99-101,122,共4页
Computer Simulation
关键词
协议分析
模糊综合评判
入侵检测
Protocol analysis
Fuzzy comprehensive evaluation
Intrusion detection
作者简介
关彦君(1983-),女(汉族),河南郾城人,硕士研究生,主要研究方向:模糊入侵检测系统。
卢辉斌(1965-),男(汉族),吉林蛟河人,博士,教授,主要研究方向:网络安全。
