%0 Journal Article
%T Danger model-based three-level-module intrusion detection system
%T 基于危险模型的三级模块式入侵检测系统
%A ZHAO Lin-hui
%A DAI Ya-ping
%A FU Dong-mei
%A DONG Fang-yan
%A 赵林惠
%A 戴亚平
%A 付东梅
%A 董芳艳
%J 计算机应用
%D 2006
%I
%X Based on Danger theory and data fusion technology, a new Danger model-inspired three-level-module intrusion detection system is presented. An adaptive decision templates algorithm is also derived, which realizes online automatic adjustment of the detection templates. The system has two characteristics. First, when current behaviors are difficult to distinguish using present knowledge, the system discriminates them by means of danger signals, which reduces false alarms and enhances the ability to identify novel attacks. Second, the adaptive decision templates algorithm allows detection templates to be modified dynamically without periodic updating, which enables the system to adapt to a changing environment and also increases accuracy on unknown attacks. Experimental results on test data from the KDD-CUP-99 database are reported to show the effectiveness of the system.
%K danger theory
%K danger model
%K intrusion detection
%K data fusion
%K 危险理论
%K 危险模型
%K 入侵检测
%K 数据融合
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=831E194C147C78FAAFCC50BC7ADD1732&aid=0B7EE6EE2A7CA7D1&yid=37904DC365DD7266&vid=96C778EE049EE47D&iid=F3090AE9B60B7ED1&sid=0F47065E4B85EC48&eid=803216C5F01D2528&journal_id=1001-9081&journal_name=计算机应用&referenced_num=0&reference_num=9