
Two-phase Intrusion Detection Algorithm in Mixed Attributes Data Stream

Cited by: 2
Abstract: Using the KDDCUP99-10% network intrusion data set as a data stream, this paper proposes a two-phase intrusion detection algorithm for mixed-attribute data streams. Incremental clustering extracts representative statistical information from the data stream; weighted fuzzy clustering is then performed on the incremental clustering results according to the proposed weighted fuzzy cluster feature. The number of clusters used for fuzzy clustering can change dynamically. Theoretical analysis and experimental results show that the algorithm can detect intrusions in the data stream effectively.

Source: Computer Engineering (《计算机工程》), indexed in CAS, CSCD and the Peking University Core Journals list; 2010, Issue 18, pp. 19-20, 23 (3 pages in total)

Funding: National "863" Program of China (2006AA01A120); Natural Science Basic Research Program of the Education Department of Henan Province (2010A520033)

Keywords: mixed attributes; fuzzy clustering; data stream; intrusion detection


