
Off-line Analysis Research and Implementation Based on Drools

XIU Jie-lei, XU Nan-shan, WEI Sheng-jun (Department of Computer, School of Information Science, Beijing University of Chemical Technology, Beijing 100029, China) (Laboratory of Computer Network Defense Technology, Beijing Institute of Technology, Beijing 100081, China)

An offline analysis method based on Drools is proposed as a complement to the real-time analysis of the host detection system. It not only compresses the large quantity of alerts generated by the monitoring system, but also associates security events across the whole operation procedure. First, a general model is constructed based on the Drools principle. Second, the detailed design tactics and the realization of the key technologies are provided. Finally, off-line simulation results using flash memory disk alerts show that the compression rate of the alert quantity was above 9.898% and that the attack (operation) procedure was successfully obtained.