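We design a rule base for a CVE-based intrusion detection expert system; it combines network-based and host-based IDS in one system and provides detection, reporting and response together.
This paper proposes an intrusion detection expert system rule base built on the CVE standard; the expert system is a hybrid of network-based and host-based detection and provides integrated detection, reporting and response functions.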
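Second, the expert systems currently adopted by most intrusion detection products have a high false alarm rate because the means of network attack keep changing.
Second, the vast majority of current intrusion detection products use expert systems, but network attack methods are highly varied, so the rates of false alarms and missed detections are too high.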
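The analysis model uses many methods to detect intrusion actions, such as protocol analysis, expert systems, application-layer data reconstruction, and intrusion detection.
For the data obtained, the analysis module combines several techniques to analyze intrusion behavior, including protocol analysis, expert systems, application data reconstruction, and intrusion detection.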
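Simply using traditional techniques based on fuzzy reasoning or expert systems in an intrusion detection system cannot satisfy real-time and accuracy requirements.
Intrusion detection with traditional expert systems based on fuzzy reasoning or rule matching can no longer meet the system's real-time and accuracy requirements.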