给出了针对无线网络的入侵检测模型和网络异常行为检测策略。
Moreover, it presents a model of intrusion detection system and strategies for detecting anomaly behaviors.
瘦客户机、VNC连接和虚拟客户机在理论上可以工作,但是不同处理层和网络延迟可能导致异常行为。
Thin clients, VNC connections, and virtualized clients will work in theory, but the various layers of processing and network lag may cause unexpected behavior.
管理员可以使用RFHUtil,在诊断网络中异常行为时验证消息报头的内容和负荷。
Administrators can use RFHUtil to verify the contents of message headers and payloads while diagnosing strange behavior in the network.
在系统中,既综合了基于异常行为的入侵检测和基于特征的入侵检测技术,在配置上又采用了主机配置和网络配置相互配合的方式。
In the system, apply the Intrusion detection technique of the based on unusual behavior and signature-based, and adopt the way of host and network configuration cooperating each other.
根据社会网络分析理论,异常行为总是隐藏在大量的正常行为模式中。
According to social network analysis theory, a large number of abnormal behaviors are always hidden in the normal mode of behavior.
其中规则库中包含正常行为规则和异常行为规则,使得原型系统在理论上既可实现误用检测也可实现异常检测,并采用关联规则挖掘模块对网络连接数据进行处理。
The rule sets of the system include normal behavior rules and abnormal behavior rules, it make the system can carry out the anomaly detection and misuse detection in theory.
该系统模型既综合了基于异常行为的入侵检测和基于特征的入侵检测技术,在配置上又采用主机配置和网络配置相互配合的方式。
This model uses not only misuse but also anomaly detection technology, and at deployment the host based subsystem cooperates with the network-based subsystem.
其思想是通过将网络审计数据转化为时序数据库,对其进行序列模式挖掘以提炼出用户行为模式,并由此进行异常检测。
The idea is to transform the net audit data into time series database and mine the sequence pattern to extract the user behavior pattern , and then to use behavior pattern in anomaly detection.
而异常检测模块,它采用基于统计分析模型检测“异常”的网络行为。
But anomaly detection USES based-on statistic analyzed model detection "anomaly" network actions.
另一方面需要对网络流量进行更好的特征分析,并监控异常流量和网络攻击行为,提高网络安全性。
On the other hand we should diagnostically analyse the network traffic and monitor the abnormal traffic and attacks of network to improve the network security.
本文提出的网络行为检测模型可以有效地帮助网管人员及时发现网络中的异常行为,为网络管理人员提供便利,具有较强的实用价值。
The detection model outlined in this paper would be able to help the network managers to find the anomaly behavior, which has high practical value.
流量异常检测,作为一种网络入侵检测的方法,存在着如何建立正常行为模型的难题。
It is always a difficult problem to erect a model of normal behaviors in the area of network traffic anomaly detection, a method of network intrusion detection.
最后,通过自适应边界值方法进行检测,能够及时发现异常流量行为,说明该模型应用于网络流量预测是可行、有效的。
Finally, abnormal behaviors of network traffic can be found on time through test of adaptive boundary value method, which proves that the model is feasible and effective.
网络流量异常是指网络的流量行为偏离其正常行为的情形,具有发作突然、先兆特征未知的特点,有可能在短时间内给网络及其设备带来极大的伤害。
Network traffic anomaly refers to the status that traffic behaviors depart from the normal behaviors, which has characteristics of a sudden attack and the unknown threatened characteristics.
通过对网络数据包的分析,挖掘出网络系统中频繁发生的行为模式,并运用模式相似度比较对系统的行为进行检测,进而自动建立异常和误用行为的模式库。
By analysis of network traffic (packets), frequent user behavior profiles are mined, and then by comparing the profile similarity, system behavior can be detected in real-time.
针对网络入侵的不确定性导致异常检测系统误报率较高的不足,提出一种基于Q-学习算法的异常检测模型(QLADM)。 该模型把Q-学习、行为意图跟踪和入侵预测结合起来,可获得未知入侵行为的检测和响应。
To the problems higher rate of false retrieval in anomaly detection system due to the uncertainty of intrusion, this paper presents an Anomaly Detection Model Based on Q- Learning Algorithm (QLADM).
针对网络入侵的不确定性导致异常检测系统误报率较高的不足,提出一种基于Q-学习算法的异常检测模型(QLADM)。 该模型把Q-学习、行为意图跟踪和入侵预测结合起来,可获得未知入侵行为的检测和响应。
To the problems higher rate of false retrieval in anomaly detection system due to the uncertainty of intrusion, this paper presents an Anomaly Detection Model Based on Q- Learning Algorithm (QLADM).
应用推荐