Abstract
An intrusion detection system (IDS) evaluation method based on Bayesian theory is proposed, and a fairly complete IDS evaluation framework is designed and built. Four important indices for evaluating an IDS are established: the function index, the performance index, the security index and the user usability index. Some of the major test indices are analyzed quantitatively, and the intrusion and detection process is simulated with a probability tree. The results show that the method can find the optimal threshold balance point between the system's detection rate and false alarm rate.
Source
Journal of Jilin University: Science Edition
CAS
CSCD
Peking University Core Journals
2008, Issue 5, pp. 925-929 (5 pages)
Funding
Electronic Information Industry Development Project Fund of the Ministry of Information Industry (Grant No. 信部运[2004]125号)
Keywords
network security
intrusion detection
evaluation
Bayesian theory
probability tree
attack
test environment