您的位置:山东大学 -> 科技期刊社 -> 《山东大学学报(理学版)》

J4 ›› 2011, Vol. 46 ›› Issue (9): 77-80.

• CTCIS 2011 会议 • 上一篇    下一篇

基于信任度量机制的分布式入侵检测系统

陈佩剑1,杨岳湘2,唐川2   

  1. 1.国防科学技术大学计算机学院, 湖南 长沙 410073;
    2.国防科学技术大学信息中心, 湖南 长沙 410073
  • 收稿日期:2011-05-19 出版日期:2011-09-20 发布日期:2011-09-08
  • 作者简介:陈佩剑(1985- ),男,硕士研究生,主要研究方向为信息安全. Email:chenpeijian@nudt.edu.cn
  • 基金资助:

    国家863重点基金项目(2008AA01Z407);湖南省自然科学基金项目(07JJ5084);广东省科技计划项目资助(2009B080701031)

Honesty-rate measuring based distributed intrusion detection system

CHEN Pei-Jian1, YANG Yue-Xiang2, TANG Chuan2   

  1. 1. School of Computer Science, National University of Defense Technology, Changsha 410008, Hunan, China;
    2. Information Center, National University of Defense Technology, Changsha 410073, Hunan, China
  • Received:2011-05-19 Online:2011-09-20 Published:2011-09-08

摘要:

针对现有分布式入侵检测系统中的安全和信任问题,引入节点间信任度量机制。系统中所有协同节点初始信任值均为1,根据节点的状态和行为信息,信任值将动态增大或者减小。通过比较信任值来去除或者减小恶意节点的有害信息影响,从而减少系统的错报和误报。典型案例分析发现,引入信任度量机制的分布式入侵检测系统能有效提高检测的准备度,增强检测能力。

关键词: 信任度量机制;分布式;入侵检测; ossec

Abstract:

A novel honesty-rate measuring based approach is proposed to improve the security and trust of distributed intrusion detection systems. All the cooperative nodes join the system with an initial value of 1 for an honesty rate. The honesty rate of a node dynamically increases or decreases depending on its status and behavior. The proposed approach compares the honesty rate of each node to eliminate or reduce the impact of harmful information from the malicious nodes, and then reduces the false positives and false negatives of the intrusion systems. The experiments and analyses of a representative case confirm the ability of the proposed approach improves detection accuracy and detection capability.

Key words:  honesty-rate measuring; distributed; intrusion detection; ossec

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!