基于异常检测的入侵检测技术

J4 ›› 2009, Vol. 47 ›› Issue (6): 1264-1270.

基于异常检测的入侵检测技术

胡亮¹, 金刚¹, 于漫², 任斐¹, 任维武¹

1. 吉林大学计算机科学与技术学院, 长春130012； 2. 长春工业大学计算机科学与工程学院, 长春 130012

收稿日期:2008-12-06 出版日期:2009-11-26 发布日期:2010-01-07
通讯作者: 金刚 E-mail:jingang_jlu@126.com

Techniques of IDS Based on Anomaly Detection

HU Liang¹, JIN Gang¹, YU Man², REN Fei¹, REN Weiwu¹

1. College of Computer Science and Technology, Jilin University, Changchun 130012, China；2. College of Computer Science and Technology, Changchun University of Technology, Changchun 130012, China

Received:2008-12-06 Online:2009-11-26 Published:2010-01-07
Contact: JIN Gang E-mail:jingang_jlu@126.com

摘要/Abstract

摘要：

对目前的异常检测技术进行了全面概述, 按照采用的不同技术将异常检测分为基于统计、基于机器学习和基于数据挖掘3种, 阐述了各种异常检测技术的特征, 并描述了目前基于异常入侵检测系统用到的各种算法及其实现方法. 通过实验结果, 比较了各种算法的检测效果.

关键词: 异常检测；机器学习；统计异常检测；数据挖掘

Abstract:

The authors provided a comprehensive survey of anomaly detection systems used in the recent years. Intrusion detection was divided into 3 kinds based on technologies used. They are statistical anomaly detection, machine learning based anomaly detection and data mining based anomaly detection. The authors described the various features of anomaly detection technologies in details, represented the algorithms used in the current Anomaly Intrusion Detection Systems, the implements of the algorithms, and also compared the effects of various detection algorithms through the experiment.

Key words: anomaly detection, machine learning, statistical anomaly detection, data mining

中图分类号:

TP393

胡亮, 金刚, 于漫, 任斐, 任维武. 基于异常检测的入侵检测技术[J]. J4, 2009, 47(6): 1264-1270.

HU Liang, JIN Gang, YU Man, REN Fei, REN Weiwu. Techniques of IDS Based on Anomaly Detection[J]. J4, 2009, 47(6): 1264-1270.

[1]	王丽丽, 于双元. 一种基于社团和分层思想的无标度演化模型[J]. J4, 2012, 50(06): 1169-1174.
[2]	郭东, 杜勇, 胡亮. 基于HDFS的云数据备份系统[J]. J4, 2012, 50(01): 101-105.
[3]	刘敏, 房至一, 王红斌, 张希. 一种新的处理能力优先的权值分配调度算法[J]. J4, 2011, 49(06): 1105-1110.
[4]	刘敏, 房至一, 王红斌, 徐鹏. 基于老化算法的分布式文件缓存算法[J]. J4, 2011, 49(05): 895-900.
[5]	周建秋, 石伟, 李强. 用关联方法推测网络蠕虫的传播路径[J]. J4, 2009, 47(6): 1241-1245.
[6]	韩璐, 张洁, 包铁, 李金宇, 刘淑芬. 基于SNMP的信息采集系统[J]. J4, 2009, 47(6): 1225-1229.
[7]	胡亮, 任维武, 任斐, 刘晓博, 金刚. 基于改进密度聚类的异常检测算法[J]. J4, 2009, 47(05): 954-960.