Author affiliations:
[马长林] Department of Computer Science, Central China Normal University, Wuhan 430079, China;[方华京] Department of Control Science and Engineering, Huazhong University of Science and Technology, Wuhan 430074, China
Corresponding affiliation:
Department of Computer Science, Central China Normal University, China
Author affiliations:
[夏雪; 肖德宝; 顾婷] Institute of Computer Network and Communication, Huazhong Normal University, Wuhan 430079, China
Corresponding affiliation:
[Xia, X.] Institute of Computer Network and Communication, Huazhong Normal University, China
Keywords:
Alert verification; Context classification; Event correlation; Intrusion detection system (IDS); Ontology language
Abstract:
Intrusion Detection Systems (IDS) nowadays are known for producing a huge number of alerts that either are not related to true alerts or do not represent successful attacks, due to a lack of information to verify and to correlate IDS events. Alert verification, in the process of event correlation, is a method that we use to determine whether an alert from an IDS is a false positive and to identify the success of an attack through context information of the protected environment in two aspects: victim host context information and network context information. This paper presents an alert analysis architecture in the event correlation process and then focuses on an alert verification method using an ontology-based context classification approach to achieve the goal of high verification efficiency. An implementation is shown at the end to validate the feasibility of the approach.
Author affiliations:
[李敏] Dept. of Computer Sci., Huazhong Normal Univ., Wuhan 430079, China;[李桂玲] Dept. of Computer Sci., China Univ. of Geosciences, Wuhan 430074, China;[李桂玲; 李敏; 王元珍] College of Computer Sci. and Technol., Huazhong Univ. of Sci. and Technol., Wuhan 430074, China
Corresponding affiliation:
Dept. of Computer Sci., Huazhong Normal Univ., China
Author affiliations:
[Changlin, Ma] Cent China Normal Univ, Dept Comp Sci, Wuhan 430079, Peoples R China.;Huazhong Univ Sci & Technol, Dept Control Sci & Engn, Wuhan 430074, Peoples R China.
Corresponding affiliation:
[Changlin, Ma] Cent China Normal Univ, Dept Comp Sci, Wuhan 430079, Peoples R China.
Keywords:
Networked control system; Asymptotically stable; Maximum delay
Abstract:
Considering the stochastic delay problems existing in networked control systems, a new control mode is proposed for networked control systems whose delay is longer than a sampling period. Under the control mode, the mathematical model of such a system is established. A stochastic stabilization condition for the system is given. The maximum delay can be derived from the stabilization condition.
Author affiliations:
[许凯华; 金聪; 叶俊民; 张清国] Department of Computer Science, Central China Normal University, Wuhan 430079, China;[金聪] State Key Laboratory of Information Security, Graduate School, Chinese Academy of Sciences, Beijing 100039, China
Corresponding affiliation:
Department of Computer Science, Central China Normal University, China
Author affiliations:
[郭亚军; 王亮] Department of Computer Science, Huazhong Normal University, Wuhan 430079, China;[洪帆; 韩兰胜] College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China
Corresponding affiliation:
Department of Computer Science, Huazhong Normal University, China