Abstract
A system audit mechanism based on data mining is proposed. The mechanism targets the Windows operating system: it audits system logs and records every operation a user performs on the system, applies data mining algorithms to these records to find patterns, and uses them to discover attack events and latent risk events. Following an in-depth study of the Apriori algorithm, an improved Apriori algorithm that combines data partitioning with temporary tables is put forward. Comparative analysis shows that the mechanism achieves good efficiency and performance.
Source
Computer Engineering and Design (《计算机工程与设计》)
CSCD
Peking University Core Journal (北大核心)
2007, Issue 21, pp. 5108-5109, 5114 (3 pages in total)
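Funding
Major science and technology fund project tendered jointly by the Jiangxi Provincial Department of Science and Technology and the Jiangxi Provincial Department of Education, 2005 (0511071).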