Telecommunications Science

Research About System-behavior-based Anomaly Detection Technologies

Zhou Binbin, Cui Baojiang and Yang Yixian

  1. Beijing University of Posts and Telecommunications; Beijing University of Posts and Telecommunications; Beijing University of Posts and Telecommunications
  • Online: 2009-02-15 Published: 2009-02-15
  • Funding:
    Project supported by the National "863" Program (No. 2007AA01Z466 and No. 2008AA011004)

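Summary: This paper introduces the behavior analysis techniques used in intrusion detection systems. It analyzes the technical principles, development history, current research status and application results of the static and dynamic behavior analysis techniques used in HIDS anomaly detection, with particular emphasis on system behavior analysis methods. Finally, it looks ahead to the development trends of HIDS based on behavior analysis, and summarizes the current research progress on HIDS and the issues that should receive the most attention in the future.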

Abstract: This paper gives an overview of different kinds of behavior-based anomaly detection technologies. It compares the two classes of IDS (HIDS and NIDS), and introduces the role of HIDS in Internet security and the classification of the technologies it adopts. It then describes both the static and the dynamic analysis technologies of HIDS anomaly detection by explaining their basic concepts, development and effects, with a focus on system-behavior-based methods. Finally, the paper summarizes the current situation, future hot topics and prospects of behavior-based HIDS.
