The basic principles of two typical intrusion detection methods, the anomalous-behavior detection method and the comparative-learning detection method, are discussed in detail, and on that basis a practical intrusion detection expert system is implemented.
This paper proposes a rule base for an intrusion detection expert system built on the CVE standard. The expert system is a hybrid that combines network-based and host-based intrusion detection and provides integrated detection, reporting and response functions.
Second, the vast majority of current intrusion detection products use expert systems, but network attack techniques vary widely, which leads to excessively high false-positive and false-negative rates;