Description: Model and implementation of an anomaly intrusion detection system based on similarity clustering analysis. Platform: |
Size: 162422 |
Author:赵艳 |
Hits:
Description: Model and implementation of an anomaly intrusion detection system based on similarity clustering analysis. Platform: |
Size: 161792 |
Author:赵艳 |
Hits:
Description: Proposes a mobile-agent-based intrusion detection system architecture for DIDS networks. Platform: |
Size: 6144 |
Author:joe |
Hits:
Description: Mainly explains the implementation of a Linux-based intrusion detection system. Platform: |
Size: 2243584 |
Author:罗立 |
Hits:
Description: A paper covering the design of a data-mining-based intrusion detection system. Platform: |
Size: 154624 |
Author:sifhay |
Hits:
Description: Since the IDS concept emerged in 1980, host-based and network-based intrusion detection systems have appeared, along with intrusion detection techniques such as knowledge-based model recognition, anomaly recognition and protocol analysis, and intrusion detection can now be performed on 100-megabit, gigabit and even higher-traffic network systems. Platform: |
Size: 3072 |
Author:丝琪儿 |
Hits:
Description: This paper uses the MIT Lincoln Laboratory network traffic data (IDEVAL) as test data for evaluating the performance of a hybrid intrusion detection system. Comparing the results obtained by the hybrid intrusion detection system with those of a misuse-detection-based intrusion detection system shows that the hybrid intrusion detection system is the more powerful system. Platform: |
Size: 489472 |
Author:杨川 |
Hits:
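Description: This paper first systematically analyzes the composition of Snort rules and explains the meaning of each part in detail, which is of great help for developing new intrusion detection systems and building one's own attack rule base. To meet the adaptability and autonomy the system requires, it dissects Snort rules in detail while focusing on the implementation of the rule base of a CVE-based intrusion detection system, the implementation of the underlying sniffer, and the sniffing process. It gives particular attention to pattern matching on rule signature options and presents an improved detection method that combines protocol analysis with pattern matching; on the experimental data this greatly improves efficiency and reduces the false alarm rate. The CVE knowledge base on which the system is built tracks the latest international CVE developments and establishes a unified domestic CVE standard; it is very rich and effectively addresses the problem of inconsistent domestic vulnerability databases.-The author also describes the architecture and functions and the design and implementation of the software. An intrusion detection system (IDS) is very important for network security. The author systematically analyzes the composition and semantics of Snort rules, which may be of great help for creating a signature database. The paper then studies flexibility and self-controllability in the CVE-based intrusion detection system, emphasizing not only the analysis of Snort rules but also the realization of intrusion detection based on CVE rules and the implementation of the sniffer. In particular, the paper covers intrusion signature matching methods, analyzes the weakness of using only pattern matching in intrusion analysis, and presents an improved approach that combines protocol analysis and pattern matching to detect attacks. It also gives an example showing how to use this approach. The experimental results show that the rules surely reduce the rate of misd Platform: |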
Size: 478208 |
Author:陈中 |
Hits:
Description: This paper proposes an intrusion detection model based on data mining. Its main idea is to use data mining methods to extract, from preprocessed audit data containing network connection information, rules that distinguish normal from intrusive activity, and to use those rules to detect intrusions. It proposes an improvement for the very heavy database-scan I/O load of the Apriori algorithm when computing frequent itemsets. To verify the feasibility of the algorithm, the paper finally implements the mining of normal-connection rules for the knowledge base of the intrusion detection model. Experiments show that the model can extract features and generate new rules, and demonstrate the feasibility and effectiveness of the method. Platform: |
Size: 207872 |
Author:youby |
Hits:
Description: Recently, information security has become a key issue in information technology as the number of computer security breaches are exposed to an increasing number of security threats. A variety of intrusion detection systems (IDS) have been employed for protecting computers and networks from malicious network-based or host-based attacks by using traditional statistical methods to new data mining approaches in last decades. However, today's commercially available intrusion detection systems are signature-based that are not capable of detecting unknown attacks. In this paper, we present a new learning algorithm for anomaly based network intrusion detection system using decision tree algorithm that distinguishes attacks from normal behaviors and identifies different types of intrusions. Experimental results on the KDD99 benchmark network intrusion detection dataset demonstrate that the proposed learning algorithm achieved 98% detection rate (DR) in comparison with other existing methods. Platform: |
Size: 312320 |
Author:keerthi |
Hits:
Description: There are two main approaches for implementing IDS: host-based and network-based. While the former is implemented in form of software deployed on a host, the latter usually is built as a hardware product with its own hardware platform (IDS appliance). In this paper, a host-based intrusion detection system that uses the idea of tracing system calls is introduced. As a program runs, it uses the services of the underlying operating system to do some system calls. This system does not exactly need to know the program codes of each process. Normal and intrusive behaviors are collected with gathering the sequences of system calls for each process. Analysis of data is done via data mining and fuzzy techniques. Data mining is used to extract normal behaviors (normal unique rules) and fuzzy to enhance intelligence of the system. The proposed system is shown to improve the performance, and decrease size of database, time complexity, and rate of false alarms. Platform: |
Size: 710656 |
Author:keerthi |
Hits:
Description: This paper combines the characteristics of IDS and IPS, integrating protocol analysis, network traffic analysis and deep packet inspection, to propose a new network defense system: the "Network Distributed Intrusion Prevention System Base on the Protocol Analysis" (NDIPS). It also gives a basic implementation of the system, and uses existing simulation conditions and network infrastructure to carry out the necessary evaluation and verification of some of the detection and prevention techniques. The system improves the network's ability to block intrusions in real time and improves the overall security of the network. Platform: |
Size: 4255744 |
Author:sdjgkj |
Hits:
Description: Since the IDS concept emerged in 1980, host-based and network-based intrusion detection systems have appeared, along with intrusion detection techniques such as knowledge-based model recognition, anomaly recognition and protocol analysis, and intrusion detection can now be performed on 100-megabit, gigabit and even higher-traffic network systems. Has been tested. Platform: |
Size: 3072 |
Author:面积 |
Hits:
Description: As computer and network technology becomes ever more widely used, network security problems are increasingly prominent. Intruders from outside and inside a computer system may damage the system or attempt to steal customers' personal information. To ensure the security of computer systems and information, network intrusion detection technology has been developed and applied.-In order to optimize the test efficiency of an Intrusion Detection System (IDS) based on Support Vector Machine (SVM), a new intrusion detection method based on Graphics Processing Unit (GPU) and feature selection is proposed. During the process of intrusion detection, a GPU-based parallel computing model is adopted and features of samples are reasonably selected. Experimental results demonstrate that the proposed method can reduce time consumption in the training procedure of IDS and the performance for intrusion detection is kept as usual. Platform: |
Size: 223232 |
Author:闫雪 |
Hits: