Description: Building on the existing single-layer Markov chain anomaly detection model, a novel two-layer model is proposed. Two processes that differ considerably in nature, the different requests and the system call sequence within a single request, are separated into two layers and handled by different Markov chains. The two-layer structure characterizes the dynamic behavior of the protected service process more accurately, and can therefore considerably improve the anomaly recognition rate and reduce the false alarm rate. Platform: |
Size: 356352 |
Author:杨奇 |
Hits:
Description: Since the IDS concept emerged in 1980, host-based and network-based intrusion detection systems have appeared, along with intrusion detection techniques such as knowledge-based model recognition, anomaly recognition and protocol analysis, and they can perform intrusion detection on network systems carrying 100-megabit, gigabit or even higher traffic. Platform: |
Size: 3072 |
Author:丝琪儿 |
Hits:
Description: Recently, information security has become a key issue
in information technology as the number of computer security
breaches are exposed to an increasing number of security threats. A
variety of intrusion detection systems (IDS) have been employed for
protecting computers and networks from malicious network-based or
host-based attacks by using traditional statistical methods to new data
mining approaches in last decades. However, today's commercially
available intrusion detection systems are signature-based that are not
capable of detecting unknown attacks. In this paper, we present a
new learning algorithm for anomaly based network intrusion
detection system using decision tree algorithm that distinguishes
attacks from normal behaviors and identifies different types of
intrusions. Experimental results on the KDD99 benchmark network
intrusion detection dataset demonstrate that the proposed learning
algorithm achieved 98% detection rate (DR) in comparison with
other existing methods. Platform: |
Size: 312320 |
Author:keerthi |
Hits:
Description: Design and implementation of a C++-based network sniffer system; it can parse data packets and help in understanding them. Zero-day cyber attacks such as worms and spy-ware are becoming increasingly widespread and dangerous. The existing signature-based intrusion detection mechanisms are often not sufficient in detecting these types of attacks. As a result, anomaly intrusion detection methods have been developed to cope with such attacks. Among the variety of anomaly detection approaches, the Sup Platform: |
Size: 4345856 |
Author:李峥 |
Hits:
Description: This white paper aims at briefly describing the technologies currently used in
filter design in Network-based Intrusion Detection System (NIDS). We will consider
the advantages and drawbacks of using signature filters versus anomaly filters,
and more particularly protocol anomaly filters.
This is the result of research work done at Defcom Sweden, Stockholm. Platform: |
Size: 17408 |
Author:sinsin |
Hits:
Description: A taxonomy was developed by Axelsson to define the space of intrusion detection technology and classify IDSs.
The taxonomy categorizes IDSs by their detection principle and their operational aspects. The two main
categories of detection principles are signature detection and anomaly detection. The remainder of this paper
will compare the two categories of detection principles and describe a new type of anomaly detection based on
protocol standards. While the taxonomy applies to both host-based and network-based IDSs,
Platform: |
Size: 82944 |
Author:sinsin |
Hits:
Description: Intrusion detection systems need large amounts of labeled supervised data to learn from during training, which hinders their application and wider adoption. To solve this problem, an unsupervised anomaly detection method based on principal component analysis is proposed. It learns the main features of the samples under the minimum mean square error principle; after the mutually inverse processes of compression and reconstruction it can reproduce the sample information to the greatest extent, so that anomalous information is detected from differences in the mean square error. Experiments on the simulation system that was built show that the unsupervised anomaly detection method based on principal component analysis can detect intrusions without prior involvement of experts, and the experimental results verify its effectiveness. Platform: |
Size: 450560 |
Author:lwh |
Hits:
Description: Since the IDS concept emerged in 1980, host-based and network-based intrusion detection systems have appeared, along with intrusion detection techniques such as knowledge-based model recognition, anomaly recognition and protocol analysis, and they can perform intrusion detection on network systems carrying 100-megabit, gigabit or even higher traffic. Has been tested. Platform: |
Size: 3072 |
Author:面积 |
Hits:
Description: The problem of intrusion detection has been studied and received a lot of attention in
machine learning and data mining in the literature survey. The existing techniques are not
effective to improve the classification accuracy and to reduce high false alarm rate.
Therefore, it is necessary to propose a new technique for IDS. In this work, we propose a
new K-means clustering method with a different Preprocessing and Genetic Algorithm
for identifying intrusion and classification for both anomaly and misuse.
The experiments of the proposed IDS are performed with KDD cup’99 data set. The
experiments clearly show that the proposed method provides better classification
accuracy over the existing method. Platform: |
Size: 400384 |
Author:Sumit |
Hits:
Description: The title of my paper is "An overview of anomaly based intrusion detection systems". Platform: |
Size: 495616 |
Author:Mina |
Hits:
Description: A kmeans-based anomaly detection algorithm; the data set is kddcup99. Platform: |
Size: 1024 |
Author:mupeieevew |
Hits: