| SA算法在基于模型推理入侵检测中的应用 |
| |
| 引用本文: | 陈波,于泠,肖军模.SA算法在基于模型推理入侵检测中的应用[J].电子科技大学学报(社会科学版),2005(1). |
| |
| 作者姓名: | 陈波 于泠 肖军模 |
| |
| 作者单位: | 解放军理工大学通信工程学院 南京210007
(陈波,于泠),解放军理工大学通信工程学院 南京210007(肖军模) |
| |
| 基金项目: | 国家自然科学基金资助项目(69931040) |
| |
| 摘 要: | 鉴于模型推理的入侵检测方法,需要在庞大的审计记录空间中搜索巨量的攻击脚本子集中的最优值,对于这一NP类完全问题,提出了应用模拟退火算法。并建立了攻击检测的优化问题模型,给出了攻击检测实验中的解空间、目标函数、新解的产生和接受准则,得到了一个合理的冷却进度表,并对实验中的模拟退火算法进行了并行化研究。实验证明,与传统的贪心算法相比,应用模拟退火算法提高了进化速度和全局寻优能力,较好地解决了搜索效率问题。
|
| 关 键 词: | 模拟退火算法 模型推理 入侵检测 网络安全 |
An Application of Simulated Annealing Algorithm in Model-Based Reasoning Intrusion Detection |
| |
| CHEN Bo,YU Ling,XIAO Jun-mo.An Application of Simulated Annealing Algorithm in Model-Based Reasoning Intrusion Detection[J].Journal of University of Electronic Science and Technology of China(Social Sciences Edition),2005(1). |
| |
| Authors: | CHEN Bo YU Ling XIAO Jun-mo |
| |
| Abstract: | It is needed to search among all the possible attack subsets and to match the events recorded in the audit trail. To make a decision about the realism of the hypothesis corresponding to a particular subset is difficult in model-based reasoning Intrusion Detection System. We present using Simulated Annealing(SA) algorithm to solve this NP-complete problem. Modeling a optimizing issue of attack detection first, and give the solve space, the target function, the creation of new solution and accept the standard, we got a reasonable cooling schedule. The parallelization of SA algorithm is also presented. The experiments indicate that the SA algorithm can improve the evolution speed and the abilities of seeking the global excellent result, and resolve to the efficiency problem of searching well. |
| |
| Keywords: | simulated annealing algorithm model-based reasoning intrusion detection network security |
| 本文献已被 CNKI 等数据库收录! |
|
