吉林大学学报(信息科学版)2023,Vol.41Issue(6):983-989,7.
主机安全入侵防护数据检测中的关联置信度判断
Reliability Analysis of Host Security Intrusion Protection for Data Association
摘要
Abstract
When the host has intrusion data with delayed response characteristics,the existing judgment mode is disconnected from the delayed data,resulting in distorted judgment of data association confidence between nodes and failure of intrusion detection.A method to judge the confidence of intrusion data association is proposed.Under the host security protection framework,the host firewall packet filtering technology is used to eliminate abnormal data.The security node is placed in the host by distributed deployment,and intrusion detection is carried out by using mathematical model technology.By analyzing the association between normal data,the association confidence between data is determined,and then the intrusion judgment is completed.The experimental results show that the security and effectiveness of the host security protection system are verified by testing the successful times of virus and Trojan attacks with delay characteristics,the time used for packet monitoring,and the functional coverage.关键词
数据关联分析/主机安全防护/系统设计/防火墙数据包过滤/延迟特征Key words
data association analysis/host safety protection/system design/firewall packet filtering/delay characteristics分类
信息技术与安全科学引用本文复制引用
张小陆,沈伍强,崔磊..主机安全入侵防护数据检测中的关联置信度判断[J].吉林大学学报(信息科学版),2023,41(6):983-989,7.基金项目
广东省教育厅专项科学研究计划基金资助项目(21JK0813) (21JK0813)
