中文摘要：

协议异常检测是目前入侵检测领域研究的新方向．本文研究状态的转移特性和频率特性，在此基础上建立模型进行协议异常检测．模型的训练和检测使用DARPA 1999年的数据集，实验结果验证了所建立模型的准确性．

英文摘要：

A protocol anomaly detection is the new research topic in current intrusion detection field. The transition and frequency properties were studied in this paper. The protocol anomaly detection was then set up. The model＇s correctness and effectiveness is demonstrated by experiments used MIT Lincoln Laboratory 1999 DARPA Intrusion Detection Evaluation Data Set.