期刊文献+

基于贝叶斯置信网的日志服务系统容侵方法研究 被引量:1

An Approach to Intrusion Tolerance Method for Log Services System Based on Bayesian Belief Net
下载PDF
导出
摘要 文章针对服务器系统被攻破之后,如何保护服务器系统所记录的日志,为以后系统的恢复提供依据,并且提高系统自身生存能力的难点,提出将日志记录按照一定的格式进行分片,将不同的分片存储在不同的日志服务器上的容侵策略。当需要进行日志还原时,再将日志分片组合成原来的日志。构建了系统的异常发现贝叶斯网络模型,该模型根据用户访问日志服务器所提供的特征信息,可以判断出该次访问是否异常行为和所访问日志类型,从而在海量日志信息中快速定位受攻击的服务器及其日志片段,以最小的系统开销恢复可能已经被破坏掉的某一类日志记录。该方法在一定程度上保证了日志记录服务器中日志记录的准确性和正确性。 A discussion is made on how to protect logs of a clustered system of servers for providing recovering information after the system is intruded in order to improve its viability, then an intrusion tolerance policy is introduced that logs are divided into different portions, these portions are stored into many different log servers, and can be combined together to form correct logs when necessary, a Bayesian network is created which can be used to judge requested types and accessed logs according to characteristic data from requesting information of users so as to locate those attached log servers and destroyed portions quickly in sea-quantity information and recover logs service system at a lowest cost. This method protects veracity and validity of log information to some extent.
出处 《微电子学与计算机》 CSCD 北大核心 2006年第12期53-57,60,共6页 Microelectronics & Computer
基金 国家863高科技发展计划项目(20042240)
关键词 日志 客侵 贝叶斯置信网 Log, Intrusion tolerance, Bayesian belief net
  • 相关文献

参考文献7

二级参考文献18

  • 1[1]Shamir A. How to share a secret [J]. Communications of the ACM, 1979, (22): 612-613.
  • 2[2]Canetti R,Gennaro R. , Herzberg A, et al. Proactive security:Long-term protection against break-ins[J].RSA Laboratories' CryptoBytes, 1997,3 (1).
  • 3[3]Canetti R, Gennaro R. , Herzberg A, et al. Proactive security:Long-term protection against break-ins[J].RSA Laboratories'CryptoBytes, 1997,3 (1).
  • 4[4]Desmedt Y, Frankel Y. Threshold cryptosystems[A].In: Brassard G. editor, Advances in cryptology-Crypro'89 (Lecture notes in computer science 335)[C].Springer-Verlag, 1990,307-315.
  • 5Pearl J. Probabilistic Reasaning in Intelligent Systems: Networks of Plausible Inference.San Mateo, CA, Morgan Kaufmann, 1988.
  • 6Pearl J. On Evidence Reasoning in a Hierarchy of Hypotheses [ J ].Artificial Intelligence, 1986, 28: 9-15.
  • 7Heckerman D. A Bayesian Approach for Leandng Causal Networks[C].Proceedings of the 11th Conference of Uncertainty in Artificial Intelligence, San Francisco, 1995. 285-295.
  • 8Kirillov V P. Constructive Stochastic Temporal Reasoning in Situation Assessment[J].IEEE. Trans. on System, Man and Cybemetics, 1994,21(7): 1099-1113.
  • 9Zacharias G, Miao A, Illgen C, et al. SAMPLE: Situation Awareness Model for Pilot in the Loop Evaluation[C]. Proceeding of the First Annual Symposium on Situation Awareness in the Tactical Air Environment, Patuxent River, MD(June), 1996.
  • 10史忠植.知识发现[M].北京:清华大学出版社,2000..

共引文献87

同被引文献17

引证文献1

二级引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部