| Computer networking is one of the fastest growing technologies in our culture today, and it makes human life more convenient than before. But it is also a risk to use the convenient shared resources of network. So, the problems of network security are paid more attention to and become key points of research on network technology. The Intrusion Detection System (IDS) is a new-generation security technology after the use of traditional technology such as firewall and data encryption. Application of data fusion technique in intrusion detection is the development trend of next-generation intrusion detection system.Based on D-S evidence theory in data fusion technology, this paper applies it to distributed intrusion detection systems and gives a network intrusion early warning model. In our model, we look upon multiple detection centers as a sensor network. Each detection center gets information about the attributes as to the alert object, which constitutes evidence. According to evidence theory, we fuse the information provided by the detection centers, combine the fused data and intelligent reasoning to estimate the current situation. As a result, we can recognize the type of attack or intention of attack so as to provide decision support for recognizing and defending attacks and attackers. Thus, the early warning capability arid detection efficiency of the intrusion detection system is increased and the false positive and false negative is effectively reduced.
|
PDF Full Text Request