摘要： 针对网络入侵攻击活动的模糊性，提出了一种基于模糊推理的模糊Petri网（FPN）误用入侵检测方法。该方法定义了一个六元组FPN，并将模糊产生式规则精化为两种基本类型。在此基础上给出了FPN表示模糊规则的模型、推理过程和基于FPN的推理算法。最后通过入侵检测的实例对该方法的正确性和有效性进行了验证，结果表明该方法推理过程简单直观、容易实现，而且具有并行推理能力，可适用于大规模的FPN模型，是误用入侵检测技术的一种非常有效的解决方案。

关键词: 入侵检测, 模糊Petri网, 模糊推理

Abstract: According to the characteristics of the concurrence of network intrusion and the uncertainty of an attack action, a kind of intrusion detection method based on fuzzy Petri net model is extracted to express the knowledge and the reasoning rules. Firstly, the paper defines 6-tuple as the fuzzy Petri net structure. Secondly, two basic types of the fuzzy production rules are extracted from a number of practical rules. And then a fuzzy reasoning algorithm is programmed. Using a practical instance to test the algorithm at the last, the results show that the algorithm is simple, high-powered and universal. Specially, it has parallel reasoning ability and fits reasoning for the large-scale FPN model. It is an efficient method for intrusion detection.

Key words: Intrusion detection, Fuzzy Petri nets, Fuzzy reasoning

中图分类号: 

• TP393.08