The intrusion detection system divides into two categories according to the detection technique: anomaly-based detection system and misuse-based detection system.
入侵检测按照检测技术分为两类:基于异常的入侵检测和基于误用的入侵检测。
Then it analyzed intrusion detection technology, compared the merits and shortcomings of Anomaly-based detection and Misuse-based detection, and depicted the source data of different detection ways.
然后分析入侵检测技术。比较异常检测和滥用检测各自的优缺点,以及各种检测方法的数据来源。
This article presents a anomaly detection method based on correlation eigen matrix and neural network.
本文描述了一个基于相关特征矩阵和神经网络的异常检测方法。
This paper presents a new algorithm , an anomaly detection algorithm based on hidden pattern.
该文提供了一种新的基于隐含模式的异常检测算法。
By constructing state machine and get information from it, this approach can contain both anomaly-based and misuse-based intrusion detection methods, and gain the better detection capability.
通过构建状态机并从其中提取出相关信息,不仅可以同时兼顾基于误用和基于异常的两种检测方法,而且使得它们获得了更好的检测效果。
Based on the analysis of characteristics of hyperspectral imagery, the methods of anomaly detection are studied systematically in this paper.
本文在深入分析高光谱数据特点的基础上,系统地研究了基于光谱维的图像异常检测方法。
A new method for the anomaly detection based on the attributes similarity and the cloud model was proposed to alleviate the high false positive rate problem in the detection.
针对网络异常检测虚警率偏高的问题,提出了一种基于属性相似度云模型的网络异常检测新方法。
The paper presents an artificial immunity based multimodal evolution approach for anomaly intrusion detection.
提出一种基于免疫的多峰值进化异常入侵检测方法。
This paper presents a new method, which is active detect network scans, based on TCP's port and flag's anomaly detection.
提出一种基于TCP端口和标志位异常检测的主动检测扫描技术。
An anomaly detection model based on the multi-feature similarity in large-scale network is proposed in this paper.
提出了大规模网络中一种基于相似度的异常检测模型。
A matching algorithm based on the negative selection for anomaly detection was presented in this paper.
使用了一种改进的否定选择匹配算法来检测异常行为。
This model uses not only misuse but also anomaly detection technology, and at deployment the host based subsystem cooperates with the network-based subsystem.
该系统模型既综合了基于异常行为的入侵检测和基于特征的入侵检测技术,在配置上又采用主机配置和网络配置相互配合的方式。
This article presents an anomaly detection method based on correlation eigen matrix and neural network.
文章描述了一个基于相关特征矩阵和神经网络的异常检测方法。
Through the comparison of the results from the experiment and wavelet analysis, it shows that network-wide traffic anomaly detection based on subspace method is more simple and effective.
通过实验结果与小波分析结果的对比,证明了基于子空间方法的大规模网络流量异常检测是一种既简单又高效的方法。
This paper proposes a new Support Vector Machine(SVM) for anomaly intrusion detection method based on Latent Semantic Indexing(LSI).
论文提出了一种基于潜在语义索引(LSI)和支持向量机(SVM)的异常入侵检测方法。
It detect the anomaly mainly through establishing the normal behavior model database that anomaly detection method based on the procedure behavior.
基于程序行为的异常检测方法主要通过建立程序正常行为模式库来检测入侵。
A network traffic anomaly detection mechanism is presented based on support vector machine (SVM).
提出了一种基于支持向量机的网络流量异常检测方法。
Anomaly detection based on network traffic model is one of the important research directions in traffic anomaly detection.
基于网络流量模型的异常检测是流量异常检测的一个重要研究方向。
A new anomaly detection model based on system call macro was presented.
提出了一个基于系统调用宏的异常检测模型。
This paper presents and implements a macro-network traffic anomaly detection strategy based on sequential frequent pattern mining.
基于序贯频繁模式挖掘,提出并实现了一种宏观网络流量异常检测的方法。
This paper proposes a new anomaly intrusion detection method based on support vector data description (SVDD).
提出了一种基于支持向量数据描述算法的异常检测方法。
In this paper, a new method of hyperspectral anomaly detection based on project pursuit is presented.
该文提出了一种基于投影追踪的高光谱图像异常点检测方法。
The results of the experiment show that the anomaly detection method based on principal component analysis is effective.
实验结果证明了基于主成分分析的异常检测方法的有效性。
This paper presents a new method based on TCP packet anomaly detection (THAD) to detect system scans.
该文提出一种基于TCP包头异常检测的系统扫描检测方法THAD。
A novel online fault detection algorithm based on adaptive auto-regressive (AAR) model is proposed focusing on the anomaly detection of network traffic.
通过研究网络流量异常检测,提出一种新的基于自适应自回归(aar)模型的在线故障检测算法。
An anomaly detection algorithm is presented based on improved KFCM cluster algorithm which can achieve partial best partition.
提出了一种改进的KFCM聚类异常检测算法,该算法可获得局部最优划分。
For the anomaly detection in the vibration time series of the rotor system, a real-valued negative selection algorithm based on Euclidean distance has been implemented.
针对转子振动时间序列中异常数据的检测问题,采用欧氏距离进行匹配计算,在实数域实现了负向选择算法。
Use data mining methods to analyze the audit data and provide anomaly detection based on the generated normal patterns, this method can improve the performance of intrusion detection system.
利用数据挖掘技术对审计数据加以分析,总结出一些正常模式,用来进行异常检测,将有助于提高入侵检测系统的检测准确性和完备性。
However, OCSVM-based intrusion detection approaches do not need any labeled data set, and attempt to find anomaly buried in the data.
而基于OCSVM的入侵检测不需要任何标记数据,并且能够从未标记的数据集中发现异常。
But anomaly detection USES based-on statistic analyzed model detection "anomaly" network actions.
而异常检测模块,它采用基于统计分析模型检测“异常”的网络行为。
应用推荐