摘要: 针对网络入侵攻击活动的模糊性,提出了一种基于模糊推理的模糊Petri网(FPN)误用入侵检测方法。该方法定义了一个六元组FPN,并将模糊产生式规则精化为两种基本类型。在此基础上给出了FPN表示模糊规则的模型、推理过程和基于FPN的推理算法。最后通过入侵检测的实例对该方法的正确性和有效性进行了验证,结果表明该方法推理过程简单直观、容易实现,而且具有并行推理能力,可适用于大规模的FPN模型,是误用入侵检测技术的一种非常有效的解决方案。
关键词:
入侵检测,
模糊Petri网,
模糊推理
Abstract: According to the characteristics of the concurrence of network intrusion and the uncertainty of an attack action, a kind of intrusion detection method based on fuzzy Petri net model is extracted to express the knowledge and the reasoning rules. Firstly, the paper defines 6-tuple as the fuzzy Petri net structure. Secondly, two basic types of the fuzzy production rules are extracted from a number of practical rules. And then a fuzzy reasoning algorithm is programmed. Using a practical instance to test the algorithm at the last, the results show that the algorithm is simple, high-powered and universal. Specially, it has parallel reasoning ability and fits reasoning for the large-scale FPN model. It is an efficient method for intrusion detection.
Key words:
Intrusion detection,
Fuzzy Petri nets,
Fuzzy reasoning
中图分类号:
张白一;崔尚森;. 基于规则推理的FPN误用入侵检测方法[J]. 计算机工程, 2006, 32(14): 119-121.
ZHANG Baiyi;CUI Shangsen;. An Intrusion Detection Method Based on Reasoning Fuzzy Petri Net[J]. Computer Engineering, 2006, 32(14): 119-121.