Abstract: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.