节点文献
基于神经网络的入侵检测系统模型研究
Research of a Neural Network Based Intrusion Detection System Model
【作者】 姜浩;
【导师】 李汉菊;
【作者基本信息】 华中科技大学 , 计算机系统结构, 2007, 硕士
【摘要】 随着计算机网络的不断发展,网络的安全问题也日益突出,网络安全的一个主要威胁就是通过网络对信息系统的入侵。特别是存储的各种关键信息,经常遭受恶意和非法用户的攻击,使得这些信息被非法获取或破坏,严重者导致网络瘫痪。所以,对网络及其信息的保护成为重要课题。而入侵检测系统作为一种重要的网络安全技术,更是成为了当前网络安全领域的研究热点,在保障网络安全方面起着重要的作用。但由于传统的入侵检测技术存在着规则库难于管理、统计模型难以建立以及较高的误报率和漏报率等诸多问题,制约了入侵检测系统在实际应用中的效果。因此针对目前入侵检测系统存在的各种缺点和不足,提出了将神经网络运用于入侵检测的概念模型。网络入侵检测问题本质上是获取网络上的数据流量信息并根据一定的方法进行分析,来判断是否受到了攻击或者入侵,因此,入侵检测问题可以理解为模式识别问题。而人工神经网络是一种基于大量神经元广泛互联的数学模型,具有自学习、自组织、自适应的特点,在模式识别领域的应用取得了良好的效果。利用神经网络技术的自学习能力、联想记忆能力和模糊运算能力,可以对各种入侵和攻击进行识别和检测。基于这个思路,将神经网络技术和入侵检测技术相结合,建立了一个基于神经网络的入侵检测系统模型并实现了一个基于BP(Back Propagation)神经网络的入侵检测系统的原形,对原有的误差返向传播算法进行了改进以太提高收敛速度,然后对一些实际数据进行了测试和分析,在检测率,漏报率,误报率等方面取得了较好的效果。
【Abstract】 Recently, as the development of the technology of the Internet, the security problem becomes a thread of the network field. One of the threads is intrusion which is to get or destroy the important information of users. In some case it can paralyze the whole network. And Intrusion Detection System is an advanced technology for network security and is becoming one of hotspots in the network security field. It has taken great effects in safeguarding the security of our network.However, the traditional Intrusion Detecting System has some disadvantages such as difficulty in rule base administration and statistics model building, as well as high false negative and false positive rates. All of the weak points above have limited the effects of the Intrusion Detecting Systems. In order to improve the disadvantages of our Intrusion Detecting Systems, we introduce a Neural Network based Intrusion Detecting model. The principle of the Intrusion Detection is to get the information of the network traffics and then analyze them to determine whether the system is under attack. So we can look the intrusion detecting as a Pattern Recognition problem. Accordingly, Neural Networks is a mathematical model that has the characteristics of self-study, self-organization and self-adapting and has been widely use in the Pattern Recognition field. Therefore, we can use this technology to detect the intrusion in the network.Then we implement a Neural Network based Intrusion Detecting Model based on the theory above and improve the BP algorithm to increase the performance of our system model. Then we test the model use real data in the network and acquire good results.
【Key words】 Intrusion Detection; Neural Network; BP Algorithm; DFP Algorithm;
- 【网络出版投稿人】 华中科技大学 【网络出版年期】2009年 05期
- 【分类号】TP393.08
- 【被引频次】3
- 【下载频次】158