|
|
计算机科学 2003
Common Intrusion Detection Knowledge Self-optimization Frame
|
Abstract:
For Intrusion Detection System, it is very important that system has enough and valid detection knowledge set. This heavily depends on experience of an individual administrator. If we could have the experience of individual shared by different systems, the collaborative systems will exchange the new detection knowledge automatically. It will dramatically improve the performance of systems as a whole. This paper presents a novel idea: Intrusion Detection Knowledge Self-Optimization, gives and implements a Common Intrusion Detection Knowledge Self-optimization Frame. The frame could manage different subsystems. The same type of subsystems could share and optimize detection knowledge automatically.
