期刊文献+

基于ARMA模型的CFAR网络入侵检测方法研究

CFAR intrusion detection method based on ARMA model
下载PDF
导出
摘要 提出了一种基于ARMA网络流量模型的CFAR入侵检测系统。采用ARMA模型对网络流量进行预测,并运用雷达信号处理中的恒误警CFAR技术,选取检测阀值以判定是否存在入侵信号。利用林肯实验室DARPA数据对系统进行试验,结果表明,此方法与AR预测模型相比,具有更高的检测率和更低的误警率。 A constant false alarm rate (CFAR) intrusion detection method based on autoregressive moving average (ARMA) model is proposed in this paper. The network flow can be predicted by using the ARMA model, and an appropriate detection threshold is chosen through the CFAR in radar signal processing, which can decide whether an intrusion signal exists or not. According to the simulations based on the DARPA datasets of Lincoln Lab and the comparisons with the intrusion detection system (IDS) based on autoregressive (AR) model, the results show that the detective probability is higher and the false alarm rate is lower by using this proposed method.
出处 《信息技术》 2007年第5期14-16,21,共4页 Information Technology
基金 教育部留学回国人员科研启动基金资助项目
关键词 入侵检测 ARMA模型 恒误警率(CFAR) AR模型 intrusion detection ARMA model constant false alarm rate AR model
  • 相关文献

参考文献10

  • 1Herringshaw C.Detecting attacks on network[J].Computer,1997,30:16-17.
  • 2Lin Jia-Ling,Wang XS,Jajodia S.Abstraction-based misuse detection:high-level specifications and adaptable strategies[C].ComputerSecurity Foundations Workshop.Proceedings,IEEE,1998:190-201.
  • 3Jaw L C,Wu N.Anomaly detection and reasoning with embedded physical model[C].Aerospace Conference Proceedings,IEEE,2002,6:3073-3081.
  • 4He Di,Herry Leung.A Novel CFAR Intrusion Detection Method Using Chaotic Stochastic Resonance[C].Circuits and Systems,2004.ISCAS '04.Proceedings of the 2004 International Symposium on,2004,4 (5):23-26.
  • 5Maglaris B,A nastassiou D,Sen P,et al.Performance models of statistical multiplexing in packet video communications[J].Communications,IEEE Transactions,1998,36(6):834-844.
  • 6Sang Aimin,Li San-qi.A predictability analysis of network traffic[C].INFOCOM,2000.Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies Proceedings.IEEE,2000,1:342-351.
  • 7Adas A.Traffic models in broadband networks[J].IEEE Communications Magazine,1997,35(7):82-89.
  • 8中山大学数学系.概率论及数理统计[M].北京:高等教育出版社,2001.
  • 9邹柏贤,姚志强.一种网络流量平稳化方法[J].通信学报,2004,25(8):14-23. 被引量:18
  • 10http://www.ll.mit.edu/IST/ideval/data.

二级参考文献12

  • 1ADAS A. Traffic models in broadband networks[J]. IEEE Communications Magazine, 1997, 35(7): 82-89.
  • 2MAGLARIS B, et al. Performance models of statistical multiplexing in packet video communications[J]. IEEE Trans Commun,1998,36(7): 834-844.
  • 3GRUNENFELDER R, et al. Characterization of video codecs as autoregressive moving average processes and ralated queuing system performance[J]. IEEE JSAC, 1991,9(4): 283-293.
  • 4FROST V, MEL AMED B. Traffic modeling for telecommunications networks[J]. IEEE Communication Magazine, 1994, 32(3):70-81.
  • 5BASU S, MUKHERJEE A, KLIVANSKY S. Time series models for Internet traffic[A]. Proceedings of INFORCOM[C].1996.611-620.
  • 6SANG A, LIS. A predictability analysis of network traffic[A]. Proceedings of IEEEINFOCOM 2000[C]. 2000. 342-351.
  • 7NORROS I. On the use of fractional brownian motion in the theory of connectionless traffic[J]. IEEE Journal of Selected Areas in Communications, 1995, 13(6): 953-962.
  • 8WILFRID J, FRANK J. Introduction to statistical analysis, third edition[M]. New York: McGraw-Hill Book Company, 1983.
  • 9GEORGEE GWILYMM GREGORYC 顾岚 范金诚译.时间序列分析--预测与控制[M].北京:中国统计出版社,1997..
  • 10SHIM C, RYOO I, LEE J, et al. Modeling and call admission control algorithm of variable bit rate video in ATM networks[J]. IEEE Journal on Selected Areas in Communications, 1994, 12(2): 332-344.

共引文献17

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部