Analysis of an Attack Scenario Reconstruction Method Based on a Multi-IDS System
- About 59,500 characters
- About 69 pages
- Published 2018-05-18 in Shanghai
Abstract

One of the most difficult problems facing network analysts today is the volume of redundant data generated by IDSs. Our system, SATA (Security Alert Threat Analysis), aims to solve this problem. Several novel methods that use data mining technologies to reconstruct attack scenarios have been proposed to predict the next stage of an attack by recognizing the attackers' high-level strategies. The main idea of this paper is a novel approach to mining "complicated" attack scenarios based on multi-agent systems, without requiring clear attack specifications or precise rule definitions. We propose SAMP, an improved prefreespan algorithm, to mine frequent attack behavior sequences and construct attack scenarios. We also propose CAST, which constructs an attack scenario tree for effectively finding relationships between new attacks and historical attack scenarios. We define cor-correlativity and pre-correlativity among three elements in frequent attack sequences, for attack behavior correlation and potential attack intention identification. We perform a series of experiments to validate our method on practical attack network environments of CERNET. The experimental results show that our approach is valid for multi-agent attack scenario construction and correlation analysis.

Keywords: frequent attack sequence, attack scenario reconstruction, intrusion detection, data mining, correlation analysis

Contents

Abstract (Chinese)
ABSTRACT
1 Introduction
1.1 Research background
1.2 The necessity of research on network security correlation analysis
1.3 Research status at home and abroad