首页> 外文学位 >On-line adaptive IDS scheme for detecting unknown network attacks using HMM models.

【24h】

On-line adaptive IDS scheme for detecting unknown network attacks using HMM models.

机译：在线自适应IDS方案，用于使用HMM模型检测未知网络攻击。

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

An important problem in designing IDS schemes is an optimal trade-off between good detection and false alarm rate.; Specifically, in order to detect unknown network attacks, existing IDS schemes use anomaly detection which introduces a high false alarm rate. In this thesis we propose an IDS scheme based on overall behavior of the network. We capture the behavior with probabilistic models (HMM) and use only limited logic information about attacks. Once we set the detection rate to be high, we filter out false positives through stages. The key idea is to use probabilistic models so that even an unknown attack can be detected, as well as a variation of a previously known attack. The scheme is adaptive and real-time.; Simulation study showed that we can have a perfect detection of both known and unknown attacks while maintaining a very low false alarm rate.

机译：设计IDS方案的一个重要问题是在良好检测与错误警报率之间进行最佳权衡。具体而言，为了检测未知的网络攻击，现有的IDS方案使用异常检测，这会导致较高的误报率。本文提出了一种基于网络整体行为的IDS方案。我们使用概率模型（HMM）捕获行为，并且仅使用有关攻击的有限逻辑信息。一旦我们将检测率设置为较高，就可以逐步过滤掉误报。关键思想是使用概率模型，以便甚至可以检测到未知攻击以及以前已知攻击的变体。该方案是自适应的和实时的。仿真研究表明，我们可以完美地检测已知和未知攻击，同时保持极低的误报率。

著录项

作者
Bojanic, Irena.;
展开▼
作者单位

University of Maryland, College Park.;

展开▼
授予单位 University of Maryland, College Park.;
学科 Engineering Electronics and Electrical.
学位 M.S.
年度 2005
页码 89 p.
总页数 89
原文格式 PDF
正文语种 eng
中图分类无线电电子学、电信技术;
关键词
入库时间 2022-08-17 11:41:45

相似文献

外文文献
中文文献
专利

1. An Innovative and Efficient Approach for Detecting Unknown Attacks Using Feature Extraction Scheme and Fuzzy-Neural Networks [J] . Vikas Belwal, Sandip Mandal International Journal of Computer Trends and Technology . 2015,第2期

机译：利用特征提取方案和模糊神经网络的创新高效检测未知攻击的方法
2. A HMM-R Approach to Detect L-DDoS Attack Adaptively on SDN Controller [J] . Wentao Wang, Xuan Ke, Lingxia Wang Future Internet . 2018,第9期

机译：HMM-R方法在SDN控制器上自适应检测L-DDoS攻击
3. A Novel Approach to Detect Network Attacks Using G-HMM-Based Temporal Relations between Internet Protocol Packets [J] . Taeshik Shon, Kyusuk Han, James J. (Jong Hyuk) Park, Eurasip Journal on Wireless Communications and Networking . 2011,第Pta1期

机译：一种使用基于G-HMM的Internet协议数据包之间的时间关系检测网络攻击的新方法
4. A real time unsupervised NIDS for detecting unknown and encrypted network attacks in high speed network [C] . Amoli Payam Vahdani, Hamalainen Timo IEEE International Workshop on Measurements and Networking . 2013

机译：实时无人监督NIDS，用于检测高速网络中的未知和加密网络攻击
5. Monitoring unknown source IP addresses and packet sizes to detect DDoS attacks [D] . Kone, Roseline Estelle Sindolmane 2014

机译：监视未知的源IP地址和数据包大小以检测DDoS攻击
6. Detecting Unknown Attacks in Wireless Sensor Networks That Contain Mobile Nodes [O] . Zorana Banković, David Fraga, José M. Moya, 2012

机译：在包含移动节点的无线传感器网络中检测未知攻击
7. On-line Adaptive IDS Scheme for Detecting Unknown Network Attacks using HMM Models [O] . Bojanic Irena 2005

机译：使用HMM模型检测未知网络攻击的在线自适应IDS方案
8. On-line Adaptive IDS Scheme for Detecting Unknown Network Attacks Using HMM Models [R] . Bojanic, I. 2005

机译：基于Hmm模型检测未知网络攻击的在线自适应IDs方案

On-line adaptive IDS scheme for detecting unknown network attacks using HMM models.

摘要

著录项

相似文献

相关主题

期刊订阅