Abstract:
This paper presents an alert association analysis technique based on intrusion intention, in order to overcome the problems existing in today's alert association analysis techniques. The method not only inherits the merits of alert association analysis based on intrusion strategy, such as predictability, but also improves the adaptability of the intrusion strategy model. Furthermore, it presents the “skipping step” analysis mechanism and the improvement it brings to the comprehension ability of the intrusion detection system.
Key words:
Intrusion detection,
Alerts information association analysis,
Intrusion strategy model
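Abstract (Chinese version): To address the problems in current alert information association techniques, an alert information association analysis technique based on intrusion intention is proposed. The technique not only inherits the advantages of the intrusion-strategy-based alert information association analysis method, such as timeliness and strong predictability, but also improves
Key words (Chinese version):
Intrusion detection,
Alert information association analysis,
Intrusion strategy model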
SHI Liang; WANG Beizhan; YAO Junfeng. Alerts Information Association Analysis Technology Based on Intrusion Intention[J]. Computer Engineering, 2006, 32(14): 130-132.
史 亮;王备战;姚俊峰. 基于入侵意图的报警信息关联分析技术[J]. 计算机工程, 2006, 32(14): 130-132.