[1] QIAN Yu-wen, WANG Fei, KONG Jian-shou, et al. Synergetic Intrusion Detection System Based on Fuzzy Petri Net[J]. Journal of Nanjing University of Science and Technology (Natural Science Edition), 2008, (06): 738-742.

Synergetic Intrusion Detection System Based on Fuzzy Petri Net

Journal of Nanjing University of Science and Technology (Natural Science Edition) [ISSN:1005-9830/CN:32-1397/N]

Volume:
Issue: 2008, No. 06
Pages: 738-742
Column:
Publication date: 2008-12-30

Article Info

Title:
Synergetic Intrusion Detection System Based on Fuzzy Petri Net
Author(s):
QIAN Yu-wen; WANG Fei; KONG Jian-shou; WANG Zhi-quan
School of Automation, Nanjing University of Science and Technology (NUST), Nanjing 210094, Jiangsu, China
Keywords:
network security; intrusion detection; fuzzy Petri net; load balance
CLC number:
TP393.08
Abstract:
To organize different types of intrusion detectors so that they cooperatively detect different types of intrusion, a synergetic intrusion detection method based on fuzzy Petri nets is proposed. A fuzzy Petri net reasoning algorithm based on workload information distinguishes intrusion types and selects the corresponding intrusion detectors, while keeping the detection tasks carried by the detectors relatively even. A synergetic intrusion detection system based on fuzzy Petri nets is designed; it uses several detectors jointly to detect composite (multi-step) intrusions made up of multiple intrusions, and it can also detect single intrusions of different types. Simulation results show that all of the composite intrusions can be detected cooperatively by several detectors, and that 92% of the intrusion data can be migrated to the appropriate detectors.



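Memo

Funding: Natural Science Foundation of Jiangsu Province (bk2004421). About the author: QIAN Yu-wen (1975-), male, from Nanjing, Jiangsu; lecturer; main research interests: network security, information hiding, pattern recognition. E-mail: ad2 mon1999@163. com.
Last Update: 2008-12-30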