
Synergetic Intrusion Detection System Based on Fuzzy Petri Net

Journal of Nanjing University of Science and Technology (Natural Science Edition) [ISSN:1005-9830/CN:32-1397/N]

Issue:
2008, Issue 06
Page:
738-742
Research Field:
Publishing date:

Info

Title:
Synergetic Intrusion Detection System Based on Fuzzy Petri Net
Author(s):
QIAN Yu-wen, WANG Fei, KONG Jian-shou, WANG Zhi-quan
School of Automation, NUST, Nanjing 210094, China
Keywords:
network security; intrusion detection; fuzzy Petri net; load balance
PACS:
TP393.08
DOI:
-
Abstract:
To organize several different intrusion detectors so that they detect different kinds of intrusion, a synergetic intrusion detection system based on a fuzzy Petri net is proposed. The fuzzy Petri net algorithm is based on workload information. It sends intrusion data to the appropriate intrusion detectors according to intrusion type and balances the workloads of these detectors. The algorithm can detect both different multi-step attacks and different single attacks. System simulation results show that all of the multi-step attacks can be detected cooperatively by several detectors and that 92% of the intrusion data can be sent to the right intrusion detectors.


Memo

Memo:
-
Last Update: 2008-12-30