《Microcomputer Information》 2009-03

Off-line Analysis Research and Implementation Based on Drools

XIU Jie-lei, XU Nan-shan, WEI Sheng-jun (Department of Computer, School of Information Science, Beijing University of Chemical Technology, Beijing 100029, China; Laboratory of Computer Network Defense Technology, Beijing Institute of Technology, Beijing 100081, China)
An offline analysis method based on Drools is proposed as a complement to the real-time analysis performed by a host detection system. It both compresses the large volume of alerts generated by the monitoring system and correlates the security events across the whole operation procedure. First, a general model is constructed from the Drools rule-engine principle. Second, the detailed design strategy and the realization of the key technologies are presented. Finally, offline simulation results on flash memory disk alerts show that the alert compression ratio was above 9.898% and that the attack (operation) procedure was successfully reconstructed.
【Category Index】: TP393.08