profile anomaly 中文意思是什麼
profile anomaly
解釋
剖面異常-
The construction of network traffic usage profile is first important in anomaly detection
異常檢測的難點在於怎樣準確的描述用戶行為模式輪廓( profile ) 。 -
Based on the mechanism of computer immune system, this paper presents a new anomaly detection technique to detect intrusion into computer system. in this technique, a markov chain model is used to represent a temporal profile of normal behavior of a process. the markov chain model of normal profile can be created by learning the historic data of the sequence of system calls produced by privileged processes running on unix system
傳統的入侵檢測技術,依照所基於的原則不同,通常分為誤用入侵檢測與異常入侵檢測,本文在入侵研究中所採用的計算機系統免疫思想的基礎上,提出了一種新的異常入侵檢測技術,通過對( unix系統)特權進程系統調用序列的歷史數據的學習,用馬爾可夫鏈模型來建立特權進程的正常時態行為輪廓。 -
Meanwhile, a major problem in anomaly detection is that system can issue false alarms when there are modifications in the normal system behavior ; therefore, we present an adaptive data - mining framework for anomaly detection. the normal profile can be updated at regular intervals, and as a result, false alarms are significantly reduced
同時,在異常檢測系統中,當用戶或系統行為的正常輪廓發生變化時,由於檢測所需的規則庫不能及時的更新,容易造成將用戶或系統的正常行為誤報為入侵的情況,因此,文中介紹了一個構造自適應系統的方法,通過這種方法,規則庫可以自動的更新,並可以有效的減少誤報。
分享友人