在系统中,既综合了基于异常行为的入侵检测和基于特征的入侵检测技术,在配置上又采用了主机配置和网络配置相互配合的方式。
In the system, apply the Intrusion detection technique of the based on unusual behavior and signature-based, and adopt the way of host and network configuration cooperating each other.
该系统模型既综合了基于异常行为的入侵检测和基于特征的入侵检测技术,在配置上又采用主机配置和网络配置相互配合的方式。
This model uses not only misuse but also anomaly detection technology, and at deployment the host based subsystem cooperates with the network-based subsystem.
如果一个实际的入侵行为稍有偏差就有可能与正常的模式相匹配,而异常检测系统则无法检测到这种入侵行为。
In addition, an actual intrusion with a small deviation may match normal patterns. So the intrusion behavior cannot be detected by the detection system.
入侵检测的分析技术主要分为滥用入侵检测和异常入侵检测,目前国内外流行的网络入侵检测系统大都是采用滥用入侵检测技术。
The ID analysis methods have two ways: one is anomaly detection and the other is misuse detection. Nowadays, the most popular IDS is network intrusion detection system using misuse detection method.
入侵检测通过分析审计事件,发现系统中异常活动,是电子警务安全保护的一条重要途径。
Intrusive-detection is an important approach to protecting electronic policing by means of analyzing the audit affairs and detecting the abnormal events in the system.
ANIDS是基于异常检测技术的入侵检测系统,它从两个方面来实现异常检测。
This paper focus on Anomaly-based Network Intrusion Detection System (ANIDS), which use two methods to design and implement anomaly detection .
重点论述了两种典型的入侵检测方法—异常行为检测方法和比较学习检测方法的基本原理,并在此基础上实现了一个实际的入侵检测专家系统。
And then the two typical methods of the intrusion detection on its importance are discussed-the basic concept of anomaly detection method and compared study detection method.
针对异常发现技术和模式匹配技术各有利弊的特点,设计了将这两种技术综合运用的网络入侵检测系统。
On the base of the characteristic of modes of anomaly-based and signature-based, a network invasion detection system is proposed to use the virtue of two modes to detect network invasion.
异常检测由于自身的原因很难在商业入侵检测系统中得到应用。
Anomaly detection techniques are seldom employed in the leading commercial intrusion detection systems for its own fake.
利用数据挖掘技术对审计数据加以分析,总结出一些正常模式,用来进行异常检测,将有助于提高入侵检测系统的检测准确性和完备性。
Use data mining methods to analyze the audit data and provide anomaly detection based on the generated normal patterns, this method can improve the performance of intrusion detection system.
原型系统的实验表明,入侵检测模型能够对CORBA分布式对象应用中的异常客户行为进行有效检测。
The experimental results show the models effectiveness in detecting anomaly clients in CORBA distributed object applications.
异常检测是目前入侵检测系统(IDS)研究的主要方向。
Anomaly detection ACTS as one of the important directions of research on Intrusion detection Systems (IDSs).
针对网络入侵的不确定性导致异常检测系统误报率较高的不足,提出一种基于Q-学习算法的异常检测模型(QLADM)。 该模型把Q-学习、行为意图跟踪和入侵预测结合起来,可获得未知入侵行为的检测和响应。
To the problems higher rate of false retrieval in anomaly detection system due to the uncertainty of intrusion, this paper presents an Anomaly Detection Model Based on Q- Learning Algorithm (QLADM).
针对网络入侵的不确定性导致异常检测系统误报率较高的不足,提出一种基于Q-学习算法的异常检测模型(QLADM)。 该模型把Q-学习、行为意图跟踪和入侵预测结合起来,可获得未知入侵行为的检测和响应。
To the problems higher rate of false retrieval in anomaly detection system due to the uncertainty of intrusion, this paper presents an Anomaly Detection Model Based on Q- Learning Algorithm (QLADM).
应用推荐