基于知識的入侵檢測研究.pdf

1、中國科學(xué)技術(shù)大學(xué)碩士學(xué)位論文基于知識的入侵檢測研究姓名：阮耀平申請學(xué)位級別：碩士專業(yè)：信號與系統(tǒng)指導(dǎo)教師：趙戰(zhàn)生莊鎮(zhèn)泉2000.5.1!!里型墊盔堂堡主堡皇苧王塑望塑△堡絲型笪塑ABSTRACTIntrusionDetectionasanessentialcomponentintheinformationassuranceframework，settlestheissuesinwhichtraditionalmethodssuchasa

2、ccesscontr01andidentificationallthenticationcouldn’tworkSomeforeigninstituteshavebeguntheresearchofthisareasincetheate】980ButbowtodetectintrusionintelligentlyandexactlyisstillanonwaystudyCurrentIntrusionDetectionSystems(

3、IDSs)thushavelimitedextensibilityinthefaceofchangedandupgradednetworkconfigurations，andpronetobehighfalse—positiveandfalsenegativeThispaperisaimedtobuildaframeworkforintrusiondetectionsystemWediscussedthedefinitionofintr

4、usionandintrusiondetectionatfirstThenaccordingtothedatasourceIDSsaredividedintohostbasedandnetworkbased，andaccordingtodetectionmethod，theyaredividedintofeature—based(anomalydetection)andknowledgebased(misusedetection)The

5、threephases，monolithic，hierarchical，andcooperativeapproacharealsointroducedBasedontheadvantageanddisadvantageoftheIDSs，ageneralframeworkispresented，whichincludinghostanomalydetection，networkmisusedetection，andacontrolten

6、terWeanalyzedUnixvulnerabilitiesjnthisPaDerThemodulesofsecurityscannerarediscussedInordertoimprovethedeficiencyofperiodicalscanning，arealtimenetwork—basedintrusiondetectionsystemwasimplementedWedetecttheintrusionattemptb

7、ycapturingthenetworkpacket，andmatchingwiththedefinedrulelibraryBasedonopensources，thefunctionofsuspectedbehaviortrackingwasaddedWealsodesignedavulnerabilitydatabaseSothroughthisdatabaseanddatabaseinterface，detectionrules

8、couldbecreatedadaptivelyaccordingtouser’soptionThendataminingalgorithmisstudiedinordertoachieveanomalydetectionThestatisticattributeofnetworkpacketwasconstructedaswellasthebasicnetworkpacketattributeThevalidityofdatamini