摘要
结合模糊认知图理论,构造基于概率模糊认知图(PFCM)的攻击图来描述入侵行为,提出一种结合误用检测和异常检测的基于PFCM的混合入侵检测方法.该方法用模糊概念描述异常,用数值运算代替模式匹配,并利用概率测度有效表示各因素间关系的不确定性.构造基于PFCM的Smurf攻击图并进行检测实验,实验结果表明该方法能在保持高检测率的情况下降低误报率,并具有较好的鲁棒性.
Based on probabilistic fuzzy cognitive map (PFCM), the attack map was constructed to describe intrusion behaviors by applying fuzzy cognitive map theory. By combining misuse detection with anomaly detection, a hybrid intrusion detection approach based on PFCM was presented. It described anomaly as fuzzy conception, executed numerical operations instead of pattern matching, and expresses the uncertainty of relations of the factors by applying probability measure. The Smurf attack map based on PFCM was constructed and experimented. The test results showed that the approach was robust and can keep high detection rate with lower false positive rate.
出处
《小型微型计算机系统》
CSCD
北大核心
2006年第5期783-787,共5页
Journal of Chinese Computer Systems
基金
广西科学基金(桂科自0339008)资助
关键词
网络入侵检测
概率模糊认知图
概率测度
network intrusion detection
probabilistic fuzzy cognitive map
probability measure