What "normal stock method" means in Chinese

normal stock method: explanation
法正蓄積法 (the Chinese term for "normal stock method")
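  • normal : adj. 1. normal, usual, ordinary; average. 2. regular, standard, rated, prescribed. 3. of normal intelligence, mentally sound...
  • stock : n. (German) ski pole. n. 1. trunk, stump, or rootstock (of a tree, etc.). 2. [Horticulture] rootstock; nursery stock; parent stock. 3. (Archaic) block of wood, ...
  • method : n. 1. method, way; order. 2. orderliness, regularity, system (in thought or speech). 3. [Biology] classification system. 4. (M-) [Theatre]...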
  1. The essence of this method is to build a fuzzy subset A of normal behavior from monitoring the normal system calls of privileged processes, build a fuzzy subset B from the system-call sequence observed in real time, and then perform detection using the minimum-distance principle of fuzzy recognition. The innovations of this paper are: by studying the system calls and argument sequences of privileged processes, it proposes EDID, an intrusion detection method based on Euclidean distance, which not only effectively reduces the false negative rate and false positive rate but also makes real-time intrusion detection possible; it designs an independent and complete feature database, with normal behavior, anomalous behavior, etc. designed separately according to the category of the monitored program, which improves the robustness and scalability of the detection system; the feature database is stored in a tree structure, which greatly saves storage space; during intrusion detection, a frequency-first principle is applied, so that high-frequency behavior features in the information table are analyzed and processed first, which improves detection speed and efficiency and makes real-time intrusion detection possible; and it implements both anomaly intrusion detection and misuse intrusion detection, making up for the shortcomings of a single detection method.