%0 Journal Article
%T Design and implementation of malicious code detection system based on AEC
%A LI Xiao-dong
%A LI Yi-chao
%A 李晓冬
%A 李毅超
%J 计算机应用 (Journal of Computer Applications)
%D 2007
%I
%X To address the deficiencies of current malicious code detection methods, an efficient detection method for multi-stage attacks, AEC, was proposed, and a new detection system based on AEC was designed and implemented. The system combined misuse detection with anomaly detection, classified single events in the network based on Active Event Correlation (AEC), and performed correlation analysis on each class of events. Meanwhile, a statistical model was used for further analysis. As a result, it can effectively recognize multi-stage attacks, stop incomplete attack stages, and give network administrators meaningful and concise alerts.
%K misuse detection
%K anomaly detection
%K Active Event Correlation (AEC) detection
%K traffic statistics
%K malicious code
%K detection system
%K design
%K based
%K system
%K detection
%K code
%K implementation
%K significance
%K network administrator
%K statistical results
%K data traffic
%K time
%K system combination
%K correlation analysis
%K event class
%K classification
%K idea
%K anomaly
%K analysis technique
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=831E194C147C78FAAFCC50BC7ADD1732&aid=14E16CBD27430512CD99E9E523119103&yid=A732AF04DDA03BB3&vid=DB817633AA4F79B9&iid=B31275AF3241DB2D&sid=40DE18199B7CA9BB&eid=A126866E01788114&journal_id=1001-9081&journal_name=计算机应用&referenced_num=0&reference_num=5