首页>
外国专利>
INTRUSION DETECTION ENGINE BASED ON GENETIC ALGORITHM FOR PROTECTING INFORMATION IN A C4ISR SYSTEM, A SPECIAL INFORMATION SYSTEM AND A MILITARY INFORMATION SYSTEM AND A METHOD THEREOF FOR DETECTING VARIOUS MUTANT PATTERNS
INTRUSION DETECTION ENGINE BASED ON GENETIC ALGORITHM FOR PROTECTING INFORMATION IN A C4ISR SYSTEM, A SPECIAL INFORMATION SYSTEM AND A MILITARY INFORMATION SYSTEM AND A METHOD THEREOF FOR DETECTING VARIOUS MUTANT PATTERNS
PURPOSE: An intrusion detection engine based on genetic algorithm for protecting information in a C4ISR system, a special information system and a military information system and a method thereof are provided to establish the new intrusion detection rule through the genetic algorithm and detect an intrusion through various steps, thereby detecting a cyber intrusion of an enemy based on various patterns.;CONSTITUTION: An intrusion detection rule with patterns is established(S110). It is determined whether an intrusion or not by comparing and analyzing a detection object and the intrusion detection rule(S120). A pattern which appropriateness of the pattern is higher than predetermined appropriateness is selected as a parent pattern among the patterns by using a comparing/analyzing result(S130). The new children pattern is generated through genetic algorithm of the parent pattern and the new intrusion detection rule composed of the generated children pattern is established(S140). It is determined whether the final intrusion or not by repeatedly performing steps(S180).;COPYRIGHT KIPO 2013;[Reference numerals] (AA,CC,FF) Yes; (BB,DD,EE) No; (S110) Establishing intrusion detection with a plurality of patterns; (S120) Is it intrusion based on a comparison analysis result with an intrusion object and the intrusion detection?; (S130) Parent pattern selection which suitability is high in an intrusion detection rule; (S140) Generating the new children pattern through genetic algorithm and setting the new intrusion detection; (S150) Is it the intrusion based on the comparison analysis result with the intrusion object and the intrusion detection?; (S180) Determining whether the intrusion or not
展开▼