정보보호학회지 (Review of KIISC)
- 제5권2호
- /
- Pages.32-48
- /
- 1995
- /
- 1598-3978(pISSN)
비정상적인 컴퓨터 행위 방지를 위한 실시간 침입 탐지 병렬 시스템에 관한 연구
Real-time Intrusion-Detection Parallel System for the Prevention of Anomalous Computer Behaviours
초록
Our paper describes an Intrusion Detection Parallel System(IDPS) which detects an anomaly activity corresponding to the actions that interaction between near detection events. IDES uses parallel inductive approaches regarding the problem of real-time anomaly behavior detection on rule-based system. This approach uses sequential rule that describes user's behavior and characteristics dependent on time. and that audits user's activities by using rule base as data base to store user's behavior pattern. When user's activity deviates significantly from expected behavior described in rule base. anomaly behaviors are recorded. Observed behavior is flagged as a potential intrusion if it deviates significantly from the expected behavior or if it triggers a rule in the parallel inductive system.
키워드