
The Research And Design Of Host-based Intrusion Detection System Based On Bayesian Network

Posted on: 2005-03-11
Degree: Master
Type: Thesis
Country: China
Candidate: L Li
GTID: 2168360152965415
Subject: Software engineering
Abstract/Summary:
With the rapid development of the Internet and the constant expansion of network applications, networks suffer more and more malicious attacks from hackers. Computer and network security has already become an international problem. In the face of so many challenges and threats, intrusion detection and intrusion defense are bound to become key technologies in current security auditing. Detection and control are regarded as the essence of intrusion detection technology; intrusion detection plays the role of active defense and is an important part of network security. As networks keep developing and become more complicated, traditional intrusion detection technology cannot meet the increasing security demands of customers. The existing intrusion detection technology therefore needs further improvement, and there is considerable room for it.

Firstly, the thesis studies intelligent anomaly intrusion detection technology based on Bayesian Network. The main purpose of the research is to predict some unknown intrusion behaviors and to improve the learning ability of the system by using intelligent anomaly intrusion detection, so that the active defense ability of the system is greatly strengthened. Secondly, to remedy some deficiencies of Bayesian Network based on Naïve Bayesian, the thesis proposes an improved model of Bayesian Network based on Naïve Bayesian. Finally, to address the deficiencies of systems based on anomaly detection technology, the thesis proposes a new framework for an intelligent hybrid host-based intrusion detection system, whose detection technology combines anomaly detection based on Bayesian Network with other detection mechanisms. Thus detection accuracy can be improved, and the false positive rate and the false negative rate can be greatly reduced.

The research subject of the thesis is a subproject of the research project on survivable networks based on the LINUX platform, which is supported by the Science and Technique Commission of Chongqing. The serial number of the research project contract is 7970. A large number of experimental data prove that the method is effective. The main achievements of these studies include the following parts:

The thesis studies and analyses the present situation of information and network security, the existing protection mechanisms and the threats faced. It studies the history of intrusion detection, its current status at home and abroad, and the methods of traditional intrusion detection. It also studies the history of Bayesian Network, its current state of development and its application areas. On that basis the thesis puts forward future developments, and so sets out the origin, the significance and the main achievements of the research subject.

To address the deficiencies of existing intrusion detection technology, the thesis proposes a new framework for an intelligent hybrid host-based intrusion detection system based on Bayesian Network.

For the anomaly detection mechanism, the thesis puts forward some parameters that are suitable for anomaly detection based on Bayesian Network. It analyses the deficiencies of Bayesian Network based on Naïve Bayesian and puts forward an improved model of Bayesian Network based on Naïve Bayesian. It studies and designs the inference rule of the anomaly intrusion detection system based on Bayesian Network and the learning rule of the feature parameters used by that system, and designs the data structure of the Bayesian Network and the relevant algorithms.
Keywords/Search Tags: IDS, Anomaly Detection, Misuse Detection, Bayesian Network