关键词: 网络入侵, 模糊区域, 判断, 多层逻辑结构, 警报合成, 警报洪流

Abstract: Aiming at the problem that the current fuzzy region judgment algorithm in network intrusion did not consider the selfadaption and faulttolerance of the algorithm, and had the disadvantage of poor judgment efficiency and stability, the author proposed a fuzzy region judgment algorithm in network intrusion based on multilayer logic structure. Firstly, 
the fuzzy region judgment algorithm based on multilayer logic structure was adopted,  the selfadaption and faulttolerance were taken as constraints, and the fuzzy region judgment results in network intrusion were obtained by calculating the feedback solutions of different layers of the algorithm. Secondly, based on the judgment results, the alarm synthesis algorithm was used to synthesize many identical alarms into an alarm to prevent the formation of alarm flood and obtain the best fuzzy region judgment results. The experimental results show that the total average detection rate and false alarm rate of the proposed algorithm are 9313% and 097% respectively, and the average time is 1013 s, which shows that the proposed algorithm has remarkable advantages in judging the fuzzy area of network intrusion.

Key words: network intrusion, fuzzy area, judgement, multilayer logic structure, alarm synthesis, alarm flood