正常行为
- 网络Normal;normal behavior;abnormal behavior
-
入侵检测是保障Web应用系统安全的重要手段之一,利用可视化技术辅助安全专家创建轮廓有助于提高正常行为轮廓的准确程度,进而提高入侵检测性能。
Intrusion detection was an effective way to secure web applications . Using visualization technique will facilitate security experts to create normal behavior profiles more exactly , and improve the detection performance of intrusion detection .
-
该方法利用一阶齐次Markov链对网络系统中合法用户的正常行为进行建模,将Markov链的状态同用户执行的shell命令序列联系在一起,并引入一个附加状态;
The method constructs a one-order Markov chain model to represent the normal behavior profile of a network user , and associates shell command sequences with the states of the Markov chain .
-
亚洲象曾经遍布全国多地,对它们而言,迁移是一种正常行为。
Historically , Asian elephants used to live in many parts of the country .
-
在此基础上,论文构建了一个Oracle审计分析系统,实现对审计数据的分析,并形成用户正常行为模式,用于对用户行为的检测。
At last , the paper designs an Oracle auditing system , it can analysis the audit data and found users ' natural behavior to detect users ' action .
-
应用Hausdorff距离对正常行为和异常行为进行相似度测量,计算出方差,并去掉几个方差较大的项,进行实验,取得了较好的效果。
We use the Hausdorff distance on the normal and abnormal behavior similarity measurement . We calculate the variance , and remove several larger variance , the result is better .
-
俄亥俄州立大学研究人际交流的助理教授杰西•福克斯(JesseFox)表示,对于那些本就更可能突破正常行为的界限的人来说,自拍往往更有吸引力。
Selfies tend to attract a type of person already more likely to push the boundaries of normal behaviour , says Jesse Fox , an assistant professor of communications at Ohio State University .
-
通过对数据挖掘技术的研究,Oracle数据库安全审计记录特点的分析,结合对用户行为检测的目标,文章提出了一种基于关联规则和序列模式挖掘两种技术的用户正常行为模式建立的方法。
After studying the technology of data mining and connect the specialty of audit records of oracle database , this paper advances a way bases on association rules and sequence pattern to found the users ' natural behavior model .
-
将核函数方法引入入侵检测研究中,提出了一种基于核函数Fisher鉴别的异常入侵检测算法,用于监控进程的非正常行为。
Kernel method is introduced to intrusion detection and an anomaly intrusion detection method based on kernel Fisher discriminant is presented in this paper . This method is applied for monitoring the abnormal behavior of processes .
-
该模型在Snort检测模型的基础上增加了正常行为模式挖掘模块、异常检测引擎模块、数据分类模块和新规则生成模块。
In the base of the Snort detection model , the improved model increases normal behavior pattern mining module , anomaly detection engine module , data classification module and new rules generation module .
-
主题安全性的这种行为与RACF配置文件的正常行为相矛盾,后者采用最匹配的配置文件。
This behavior for topic security runs counter to the usual behavior of RACF profiles , where the profile that is the best match applies .
-
最后使用Petri网建立描述正常行为和入侵行为的模型和方法,这样就可以使看似复杂多变的事物有了一种非常直观、可以和各种算法直接相关的描述。
Lastly using Petri net set up the describe normal action and intrusion detection model and method , in this way the complex and changeful things maybe have a very intuitionist description and it could be directly correlative to kinds of arithmetic description .
-
网络流量异常指的是网络的流量行为偏离其正常行为的情形,引起网络流量异常的原因是多种多样的,例如网络设备的不良运行、网络操作异常、突发访问(FlashCrowd)、网络入侵等。
ABSTRACT Network traffic anomaly refers to the status that traffic behaviors depart from the normal behaviors . Many reasons , such as the misuse of network equipments , network operations anomaly , flash crowd , network intrusion and so on will cause network anomaly .
-
该系统模型是在Snort系统原有的基本功能模块的基础上增加了正常行为模式构建模块、异常检测模块、分类器模块、规则动态生成模块等扩展功能模块。
This paper is mixed intrusion detection system model is Snort system in the original basic function module based on increased normal behavior model construction module , anomaly detection module , classifier module , the rules , dynamic generation module function expansion module .
-
赛门铁克(Symantec)产品与服务总裁弗朗西斯?德苏扎(FrancisdeSouza)称这种方法为“大情报”,即以对网络情况和正常行为模式的更强把握构成主要防御阵线。
The result is what Francis deSouza , president of products and services at Symantec , calls " big intelligence " - in which a stronger situational awareness and a better sense of behavioural norms are the main lines of defence .
-
该算法包括以下几个主要步骤:(1)通过基于动态时间归整(DTW)的谱聚类方法获取适量的正常行为样本,对正常行为的隐马尔可夫模型(HMM)进行初始化;
The method is composed of the following steps : ( 1 ) Dynamic time warping ( DTW ) based spectral clustering method is used to obtain a small set of samples to initialize the hidden Markov models ( HMMs ) of normal behaviors ;
-
在模型中引入了树型拓扑结构,为服务器端的正常行为建模,用不同的安全相关数据生成历史轮廓,通过有序归并和基于通用序列模式(GSP)的Apriori验证发现异常行为。
A tree topology is used in the process of server behavior abstract description , consequently generates historical profile with different security related data . Anomaly behaviors among operations are detected through orderly merge and verification with Apriori algorithm based on general sequential pattern ( GSP ) .
-
它以Snort入侵检测系统框架为基础,应用数据挖掘技术构建系统正常行为模式,过滤掉网络数据流量中占绝大部分的正常数据,提高了Snort的检测效率。
It takes the frame of Snort intrusion detection system as the foundation and makes use of data mining technology to construct the normal behavior pattern of system , which filters a majority of normal data in the network data stream , therefore it improves the detecting efficiency of Snort .
-
关于异常检测中正常行为模式库创建算法的研究
The Normal Behavior Model Database Foundation Algorithm Research in Anomaly Detection
-
不愿意或不能遵照社会正常行为标准的。
Unwilling or unable to conform to normal standards of social behavior .
-
这是正常行为,因为一些警告只与优化代码有关。
This is normal behavior because some warnings relate only to optimized code .
-
基于熵的正常行为规则性度量
Entropy-based Method to Measure Regularity of Normal Behaviors
-
老是对别人的一些正常行为大惊小怪的。
Continue to be flabbergasted every time someone actually acts like a human being .
-
网络流量正常行为模型的建立
Model ing normal behavior of network traffic
-
而停止用药的老鼠又恢复到原来的肠道菌群平衡及正常行为表现。
And taking the mice off the drug restored their original intestinal balance and behavior .
-
大学生恋爱和结婚是正常行为和正当权利;
The university student falls in love or marry are normal behavior and legitimate right ;
-
对正常行为的描述是异常检测系统必须要解决好的核心问题之一。
Describing normal behaviors is one of the difficulties that an anomaly detection system faces .
-
同时对节点的客观评价行为进行激励,以激励节点的正常行为。
This paper rewarded the objective evaluation of the nodes to incentive the normal behavior .
-
数据挖掘技术可以从海量审计数据中发现各种入侵行为和正常行为模式,将数据挖掘技术引入入侵检测中,将有效提高入侵检测系统的检测效率和自适应性。
Data mining technology can discover intrusion and normal behavior patterns from a variety of mass audit data .
-
计算机安全领域的一个最大的挑战就是区分正常行为和可疑行为。
In the field of computer security , distinguish the normal and suspicious behavior is the greatest challenge .
-
对特定的社会而言,正常行为是特定社会预期范围之内的行为。
A normal action is one which falls well within the limits of expected behavior for a particular society .