Computer Engineering ›› 2009, Vol. 35 ›› Issue (12): 106-108. doi: 10.3969/j.issn.1000-3428.2009.12.037

• Security Technology •

HMM Detection Model for Complicated Network Attacks

SHI Zhi-cai, TAO Long-ming

  1. (Institute of Electronic & Electric Engineering, Shanghai University of Engineering Science, Shanghai 201620)
  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2009-06-20 Published: 2009-06-20

Abstract: Complicated network attacks are difficult to detect effectively. This paper analyzes the inherent characteristics of complicated network attacks and proposes an HMM-based intrusion detection model. The model correlates the alarm event sequences produced by different network monitors and mines the inherent relationships among these alarm events in order to detect complicated network attacks. Experimental results show that the model can effectively identify the categories of complicated network attacks.

Key words: computer network, network attacks, Hidden Markov Model (HMM), intrusion detection
