Research on an On-Demand Intrusion Detection Model for Grid Computing and Its Key Technologies
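Abstract
Grid computing emerged in the early 1990s and has been called the third wave of information technology after the Internet and the World Wide Web. It is expected to provide the next generation of distributed applications and services, which has a profound influence on the research and development of information systems, but it also poses serious challenges to information system security mechanisms.
     Intrusion detection, as an active measure for safeguarding information systems, effectively makes up for the shortcomings of traditional security protection technologies. With the continuing development of computer and network technologies, Distributed Intrusion Detection (DID) has gradually become a research focus of intrusion detection and of the information system security field as a whole.
     Although current distributed intrusion detection can be used to protect against network-oriented attacks, it lacks the agility to organize intrusion detection dynamically on demand, and struggles to adapt to the dynamic formation and rapid change of large-scale collaborative work in a grid computing environment. It therefore has difficulty coping with challenges such as frequently changing and unpredictable grid computing applications, the security chain structure of grid computing applications, and large-scale distributed coordinated attacks. This thesis studies the key problems of distributed intrusion detection for grid computing.
     This thesis first addresses the dynamic sharing and multi-domain integration characteristics of grid computing. Using a shared data environment, it proposes the On-Demand Intrusion Detection Model (ODIDM) and an On-Demand Intrusion Detection System (ODIDS) based on that model, with the aim of agilely constructing virtual intrusion detection systems to monitor dynamically emerging grid computing security risks. Experiments show that an intrusion detection system based on this model is feasible.
     For the dynamic data access load balancing that ODIDS requires, and drawing on the similarity between the principle of communicating vessels in hydraulics and the principle of load balancing, this thesis proposes a hydraulic method for dynamic load balancing and a cellular automata programming algorithm that implements it, with the aim of building a dynamic and effective data access load balancing service that reduces the impact of unbalanced data access on stability, availability, performance and even security. Theoretical proof and numerical experiments show that the cellular automata programming algorithm converges quickly.
     For the collusion attack threat facing ODIDS, and using Lagrange interpolation polynomials, this thesis proposes a (k,t,n) principal-subordinate threshold secret sharing scheme based on principal and subordinate secret shares (Principal and Subordinate Threshold Secret Sharing System, PSTSSS) and a PSTSSS-based multi-domain resource secret sharing scheme (Multi-Domain Resources Threshold Secret Sharing System, MDRTSSS), so that recovering the secret depends not only on t secret shares (the minimum number of subordinate secret shares that must be obtained) but also on obtaining the threshold's k key (principal) secret shares. Applying PSTSSS to the critical services of ODIDS makes it possible to build an intrusion-tolerant system that can prevent collusion attacks. Theoretical proof shows that the threshold secret sharing scheme based on principal and subordinate secret shares is secure, has a high information rate, and is easy to implement.
     Compared with current distributed intrusion detection systems, the on-demand intrusion detection system places more emphasis on agility: according to the dynamic detection needs of frequently changing, unpredictable grid computing applications, it can quickly adjust the detection resources'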
Grid computing, called the third generation of information technology after the Internet and the World Wide Web, came forth in the early 1990s. It would provide next-generation distributed applications and services, which has a profound effect on information system research and development. At the same time, it also challenges present information system security.
     As a kind of active measure of information assurance, Intrusion Detection (ID) acts as an effective complement to traditional protection technologies. With the development of computer and network technologies, Distributed Intrusion Detection (DID) has become the focus of intrusion detection and even the whole realm of network security.
     Although present distributed Intrusion Detection Systems (IDS) can guard against network-oriented attacks, they lack the agility to organize intrusion detection dynamically and quickly on demand, which makes them inefficient in grid computing. So they cannot effectively cope with the challenges of monitoring frequently and unpredictably changing grid computing tasks, the grid computing security link structure, threats of large-scale distributed coordinated attacks, and so on. In this thesis, we research several critical problems of grid-computing-oriented DID.
     This paper focuses on the On-Demand Intrusion Detection Model (ODIDM) and its supporting techniques. For the dynamic sharing and multi-domain integration properties of grid computing, leveraging the Shared Data Environment (SDE) technique, this paper presents an on-demand intrusion detection model and an ODIDM-based On-Demand Intrusion Detection System (ODIDS) that agilely constructs a virtual intrusion detection system to jointly monitor the changing grid computing application. The system prototype and its experiments show that this model is acceptable.
     Aiming at load balancing of ODIDS, leveraging connected vessels theory, this paper presents a hydraulics-based dynamic load balancing approach and the Cellular Automata Programming Algorithm (CAPA). Theoretical proof and experiments show that the CAPA algorithm converges quickly.
     Aiming at conspiracy attacks on ODIDS, this paper presents a Lagrange-polynomial-based Principal and Subordinate Threshold Secret Sharing System (PSTSSS) and a PSTSSS-based Multi-Domain Resources Threshold Secret Sharing System (MDRTSSS). Differing from traditional threshold schemes, private keys are divided into principal and subordinate shadow keys, and the scheme can guard against conspiracy attacks. Theory proves that PSTSSS is secure, has a high information rate and is easy to implement. So a PSTSSS-based intrusion tolerant system could counteract conspiracy attacks.
     Compared with traditional distributed intrusion detection systems, ODIDS has agility; that is, according to frequent and unpredictable changes of the grid computing application, ODIDS can quickly reconstruct a virtual intrusion detection system to cooperatively monitor the grid computing task without wasting any resources.
