It can also be used to extract unknown or previously undetected intrusion behavior patterns.
In this paper, we propose using intrusion action patterns to correlate alerts in our Distributed Active Collaboration Intrusion Detection System (DACIDS).
But there isn't a moral defense for invading people's privacy and imposing draconian laws to protect outdated, crumbling business models either.
The test results showed that IIDS can effectively detect network intrusion actions as well as unknown attack modes, achieving the intended goal.
In this paper, an intrusion detection model based on system call sequences is proposed, and a normal behavior pattern is established from the system call sequences of applications running in an absolutely secure environment.
We build a fuzzy profile tree from the descriptive attributes and behavior patterns from the behavioral attributes, and implement intrusion detection based on the fuzzy profile tree.
An actual intrusion with only a small deviation may match normal patterns, in which case the anomaly detection system cannot detect the intrusion.
In addition, for detecting unknown intrusions, it builds a predictive model that gives early warning of unknown intrusion behavior, which to some extent mitigates the inherent weakness of pattern-matching technology.
Designed to uncover abnormal patterns of behavior, the IDS establishes a baseline of normal usage patterns, and anything that widely deviates from it gets flagged as a possible intrusion.
The other is which pattern-matching algorithm to use to detect intrusions quickly and accurately when packets are matched against intrusion rules.
Anomaly detection based on program behavior detects intrusions mainly by building a database of normal program behavior patterns.
By comparing the similarity between the current system behavior pattern and the existing pattern rules, we can find known or unknown misuse intrusions and anomaly intrusions.