在系统中,既综合了基于异常行为的入侵检测和基于特征的入侵检测技术,在配置上又采用了主机配置和网络配置相互配合的方式。
In the system, apply the Intrusion detection technique of the based on unusual behavior and signature-based, and adopt the way of host and network configuration cooperating each other.
基于数据挖掘的入侵检测系统具有一定的自学习性和自完善性,可以检测已知或未知的入侵行为。
IDS based on data mining has the functions of self -learning and self -completing, it can detect the know and unknown intrusion activities.
该系统模型既综合了基于异常行为的入侵检测和基于特征的入侵检测技术,在配置上又采用主机配置和网络配置相互配合的方式。
This model uses not only misuse but also anomaly detection technology, and at deployment the host based subsystem cooperates with the network-based subsystem.
提出了一种基于系统调用序列的入侵检测模型,利用绝对安全环境下的应用程序系统调用序列建立正常行为模式。
In this paper an intrusion detection model based on system call sequences is proposed, and a normal activity mode of the system call sequences in absolute security environment is established.
并研究系统中多个系统关键程序的运行监控问题,提出了一个基于进程行为分类的入侵检测系统原型。
The running and monitor problems of many system key programs in the system are researched and IDS prototype is put forward based on process behavior classifier.
基于进程行为的入侵检测技术是主机防范入侵和检测恶意代码的重要技术手段之一。
Intrusion Detection based on process 'behaviors is one of the mainstream techniques for defend against intrusion and malicious code.
基于程序行为的异常检测方法主要通过建立程序正常行为模式库来检测入侵。
It detect the anomaly mainly through establishing the normal behavior model database that anomaly detection method based on the procedure behavior.
该文应用SVM的分类特性来识别网络攻击行为,提出了基于SVM的入侵检测方法。
This paper utilizes the classification feature of SVM to recognize intrusion, and gives SVM-based intrusion detection system.
监视程序行为是近年基于主机的异常入侵检测的研究热点,构建程序行为模型是进行异常检测的关键。
Monitoring program behavior is one of the highlighted research topics of host-based anomaly detection recently. The key is to construct a program behavior-based anomaly detection model.
为了能有效地检测和跟踪入侵行为,这里提出了一个基于智能代理的入侵检测系统的体系结构和分布跟踪算法。
In order to detect and trace the intrusion, an architecture for intrusion detection based intelligent agent and a distributed trace algorithm are presented.
由描述属性建立模糊轮廓树,行为属性建立行为模式,并基于模糊轮廓树实现了入侵检测的方法。
We build a fuzzy profile tree based on describing attributes and behavior patterns based on acting attribute, and finally detect invasions based on the fuzzy profile tree.
针对网络入侵的不确定性导致异常检测系统误报率较高的不足,提出一种基于Q-学习算法的异常检测模型(QLADM)。 该模型把Q-学习、行为意图跟踪和入侵预测结合起来,可获得未知入侵行为的检测和响应。
To the problems higher rate of false retrieval in anomaly detection system due to the uncertainty of intrusion, this paper presents an Anomaly Detection Model Based on Q- Learning Algorithm (QLADM).
针对网络入侵的不确定性导致异常检测系统误报率较高的不足,提出一种基于Q-学习算法的异常检测模型(QLADM)。 该模型把Q-学习、行为意图跟踪和入侵预测结合起来,可获得未知入侵行为的检测和响应。
To the problems higher rate of false retrieval in anomaly detection system due to the uncertainty of intrusion, this paper presents an Anomaly Detection Model Based on Q- Learning Algorithm (QLADM).
应用推荐