期刊文献+

基于改进关联规则的网络入侵检测方法的研究 被引量:4

Research on Network Intrusion Detection Method Based on Improved Association Rules
原文传递
导出
摘要 研究关联规则的高效挖掘算法对于提高入侵检测的准确性和时效性具有非常重要的意义。针对现行的入侵检测方法建立的正常模式和异常模式不够准确、完善,容易造成误警或漏警的问题,本文将改进后的关联规则挖掘算法-XARM和关联规则增量更新算法-SFUP应用于网络入侵检测,提出了新的入侵检测方法,该方法通过挖掘训练审计数据中的频繁项集建立系统和用户的正常行为模型以及入侵行为模型。 The research of efficient association rules mining algorithm has important value for improving accuracy and efficiency of IDS. Because the user behavior features extracted by current IDS cannot reflect real circumstances, normal and abnormal models are not so accurate and perfect. The paper presents an intrusion detection method based on a fast mining algorithm XARM and an incremental updating algorithm SFUP. This method first constructs user normal and abnormal models by mining training data sets. Then, the real time behavior model is obtained by incrementally updating the real Internet data, and the intrusion detection is accomplished by marching the model database. These methods can distinquisb normal behavior form abnormal behavior, timely update and improve IDS models.
作者 刘艳云
出处 《通信技术》 2008年第12期316-318,共3页 Communications Technology
关键词 关联规则 序列模式 频繁模式 入侵检测 association rule sequence mode frequent mode IDS
  • 相关文献

参考文献6

二级参考文献24

  • 1马时刘.IP VPN及其分类[J].现代通信,2001(11):15-15. 被引量:1
  • 2舒雅琴,曾锦光.基于GA的BP网络模型及其应用[J].宁波大学学报(理工版),2000,13(4):39-44. 被引量:4
  • 3Jiawei Han,Jian Pei.Simon Fraser Sequential Pattern Mining:From Shopping History Analysis to Weblog and DNA Mining.University,Canada:
  • 4Wenke.Lee.A Aata Mining for Constructing Feature and Model for Intrusion Detection System[D].COLUMBIA UNIVERSITY,1999.
  • 5Wenke.Lee.,S.J.Stolfo,K.W.Mok.Algorithms For Mining System Audit Data[R].In Proceedings of the 1999 IEEE Symposium on Security and Privacy,1999.
  • 6R.Agrawal,T.Imielinaki,A.Swami.Mining assosiation rules between sets of items in large database[C].Washington,D.C:In Proc.of the ACM SIGMOD Conference on Management of Data,1993:207-216.
  • 7R.Agrawal,R.Srikant,Mining Sequential Patterns[R].Proceedings of the 11th International Conference on Data Engineering,1995.
  • 8R.Agrawal and R.Srikant.Mining Sequential Patterns:Generalizations and Performance Improvements[R].Proceeding of the Fifth Int'l Conference on Extending Database Technology (EDBT),1996:3-17.
  • 9R.Agrawal,A.Arning,T.Bollinger,M.Mehta,J.Shafer,R.Srikant:The Quest Data Mining System[R].Portland:Proc.of the 2nd Int'l Conference on Knowledge Discovery in Databases and Data Mining,Portland,1996.
  • 10R.Agrawal and R.Srikant.Mining Generalized Assosiation Rules[R].Zurich:In Proceeding of the 21st Int'l Conference on Very Large Database,1995.

共引文献73

同被引文献19

引证文献4

二级引证文献15

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部