Research on a Deep Intrusion Data Mining Method for Multilayer Differentiated Networks (cited by: 13)

Multilayer Network Intrusion Data Mining Depth Difference Method Research
Abstract: This paper studies the efficient detection of intrusions in multilayer differentiated networks, with the aim of safeguarding industrial network control systems. In a multilayer differentiated network environment, network spaces at different layers and depths suffer entirely different degrees of intrusion damage and show entirely different intrusion features. Traditional intrusion detection weights these differentiated intrusion results and computes a single fused threshold to decide whether an intrusion has occurred. Because that approach does not subdivide the intrusion features of the different layers, its false-positive and false-negative rates are high. The paper proposes a data mining method for deep intrusion detection in multilayer differentiated networks based on the fuzzy C-means clustering algorithm. Relevant data are collected and sample features are extracted and analyzed; fuzzy C-means clustering is then used to further classify the intrusion data of the different layers; from the classified results, the behavior patterns of anomalous data are obtained, and intrusion detection is completed according to the results for the different patterns. Experimental results show that using the improved algorithm for deep intrusion detection mining in multilayer differentiated networks improves detection accuracy, reduces the false-positive rate, and improves detection efficiency.
Author: 李骏骁
Source: Computer Simulation (《计算机仿真》), CSCD, Peking University Core Journal, 2015, No. 4, pp. 235-238, 251 (5 pages)
Keywords: multilayer differentiated network; intrusion detection; fuzzy clustering algorithm