基于MAS入侵检测系统规则库的构建研究软件工程专业论文.docxVIP

II II ABSTRACT ABSTRACT With the extensive applications of the network and other information technologies, the security of network systems has become critical. Intrusion detection system (IDS) is the key technologies to protect network systems security and is important way of net- work security, being a hot area of research and development. Because one of cores in IDS’ study is the rulebase, the research on the rulebase is very important. This paper use methods and technologies of knowledge engineering to create a rule- base. First ，the paper analyzes the status of research in the IDS at this stage , puts forward to knowledge-based object-oriented attack expressed models , and uses java language to realize knowledge expressing of an attack. After this, the paper studies and analyzes the design of rulebase of network intrusion detection system (NIDS), and dis- cusses the framework of rulebase for NIDS. The rulebase is based on the object-oriented knowledge presentation models, and syncretizes concepts into a rulebase level. Finally, the paper explored ways to achieve the rulebase and its update automatically methods, and make feasible achievement programme of the rulebase. The model that the paper has proposed can express complex attacks and distributed attacks correctly and effectively. The rulebase model and programme of achievement proposed embodies a good knowledge management mechanism. It has efficient and adaptive characteristics for detection. It is hoped that this can provide reference and il- lumination for intelligent network intrusion detection systems research. Keyword: Intrusion Detection, Rulebase, Attack Knowledge Presentation, MAS III III 目录 目 录 HYPERLINK \l _bookmark0 第一章 绪 论 1 HYPERLINK \l _bookmark1 1.1 研究背景与意义 1 HYPERLINK \l _bookmark2 1.2 入侵检测系统概述 2 HYPERLINK \l _bookmark3 1.2.1 入侵检测技术分析 3 HYPERLINK \l _bookmark4 1.2.2 入侵检测系统分类[4] 4 HYPERLINK \l _bookmark5 异常检测 4 HYPERLINK \l _bookmark6 误用检测 5 HYPERLINK \l _bookmark7 1.3 课题的提出与研究