首页|期刊导航|网络与信息安全学报|基于异构执行体同步控制的入侵检测模型研究

基于异构执行体同步控制的入侵检测模型研究

于洪朱正彬魏帅郭威兰巨龙

网络与信息安全学报2025，Vol.11Issue(1)：54-65,12.

网络与信息安全学报2025，Vol.11Issue(1)：54-65,12.DOI:10.11959/j.issn.2096-109x.2025006

基于异构执行体同步控制的入侵检测模型研究

Research on intrusion detection model based on synchronization of heterogenous executer

于洪 ¹朱正彬 ¹魏帅 ¹郭威 ¹兰巨龙²

作者信息

1. 信息工程大学,河南郑州 450001
2. 信息工程大学,河南郑州 450001||嵩山实验室,河南郑州 450018
折叠

摘要

Abstract

Intrusion detection and cybersecurity situational awareness technologies based on machine learning and deep learning have generally been limited by their reliance on prior knowledge and pre-training,which restricts their accuracy in detecting various types of attacks.The dynamic heterogeneous redundancy(DHR)construction tech-nique,which detects attacks by evaluating the behavioral consistency of heterogeneous executers,offers a new per-spective for intrusion detection.Based on this concept,a novel intrusion detection model called IDHES was proposed.This model was capable of detecting multiple types of intrusions without requiring pre-training.Additionally,synchro-nization of the target functions of heterogeneous executers was achieved through internal and external event conver-sions,thereby reducing the false positive rate caused by the heterogeneity of executers.Through theoretical analysis of the model,it was concluded that the detection accuracy of the IDHES model depends solely on the success rate of coor-dinated attacks by heterogeneous executers and the efficiency of target function synchronization.To verify the effec-tiveness of the model,a prototype MCU system based on the DHR architecture was constructed,and the target func-tion synchronization method was implemented through internal and external event conversions.Finally,the attack de-tection capability of the model was tested using white-box instrumentation.The test results confirm the conclusion that the detection accuracy of the IDHES model depends solely on the success rate of coordinated attacks by heteroge-neous executers and the efficiency of target function synchronization.Furthermore,the results demonstrate that IDHES can perform real-time detection of various types of attacks without relying on prior knowledge or pre-training.

关键词

入侵检测/攻击感知/内生安全/执行体同步/动态异构冗余

Key words

intrusion detection/attack awareness/endogenous security/executer synchronization/dynamic heterog-enous redundancy

分类

计算机与自动化

引用本文复制引用

于洪,朱正彬,魏帅,郭威,兰巨龙..基于异构执行体同步控制的入侵检测模型研究[J].网络与信息安全学报,2025,11(1):54-65,12.

基金项目

国家重点研发计划(2022YFB4401401) The National Key R&D Program of China(2022YFB4401401) （2022YFB4401401）

网络与信息安全学报

ISSN：2096-109X

访问量0

下载量0

段落导航