The system combines anomaly-based and signature-based intrusion detection techniques, and in deployment the host-based and network-based configurations work together.
This system model uses both misuse (signature-based) and anomaly-based intrusion detection, and in deployment the host-based subsystem cooperates with the network-based subsystem.
Moreover, it presents an intrusion detection model for wireless networks and strategies for detecting anomalous network behavior.
The rule base contains both normal-behavior rules and abnormal-behavior rules, so the prototype system can in theory perform both misuse detection and anomaly detection; an association rule mining module processes the network connection data.
The idea is to transform network audit data into a time-series database, mine sequential patterns from it to extract user behavior patterns, and then use those patterns for anomaly detection.
The anomaly detection module, by contrast, uses a statistical analysis model to detect "anomalous" network behavior.
The network behavior detection model proposed in this paper can effectively help network administrators discover anomalous behavior in the network promptly, which makes their work easier and gives the model strong practical value.
Finally, detection with the adaptive boundary value method finds abnormal traffic behavior in time, which shows that applying the model to network traffic prediction is feasible and effective.
Traffic anomaly detection, as a method of network intrusion detection, faces the difficult problem of how to build a model of normal behavior.
By analyzing network packets, behavior patterns that occur frequently in the network system are mined; pattern similarity comparison is then used to detect system behavior in real time, and a pattern library of anomalous and misuse behaviors is built automatically.
To address the high false-alarm rate of anomaly detection systems caused by the uncertainty of network intrusions, this paper presents an Anomaly Detection Model Based on the Q-Learning Algorithm (QLADM). The model combines Q-learning, behavioral intent tracking and intrusion prediction to detect and respond to unknown intrusions.