| Recently, network has a great development in the world, while the secret problem of network is standing out. The main threat comes from intrusions on network. At the same time, Intrusion technique has a great development and changes. So to detect and protect computer system and network system and all the foundation of information establishment have been a urgent project.On the base of analyzing the structure, building methods and running characters of the Intrusion Detection System, and according to the practical requirements, this paper puts forward an Intrusion Detection Expert System Based on CVE (Common Vulnerabilities and Exposures). The main research objects are the exposures in CVE. After discuss the characters and structure of CVE, an Intrusion Detection Knowledge base has been built. The main task of this paper is the research and implement of reasoning engine, which is the kernel of this IDES. For the main body of the intrusion is coming indirect, the scope of it larger, the techniques are distributing and the object is changing, the Intrusion Detection System must improve its response speed, data analyzing speed and reduce the miss rate and false alarm rate. This system uses both Parallel Reasoning and Fuzzy Reasoning techniques. Consequently, this system has low false alarm rate as well as low miss alarm rate. What's more, it has real-time data analyzing and responds on time. All these characters make this Intrusion Detection Expert System have much more protecting capacity.Using both Parallel Reasoning and Fuzzy Reasoning in the Intrusion Detection Expert System providing a new strategy for the practical application and deep research of IDES. With the improving and enhance of the technique, a much safer, reliable, and efficient real time IDES based on CVE can be built and have a much wider foreground.
|
PDF Full Text Request