
A data mining based design for the detection engine of the intrusion detection system

Lü Xi-xiang; YANG Bo; PEI Chang-xin; SU Xiao-long

  1. (State Key Lab. of Integrated Service Networks, Xidian Univ., Xi'an 710071, China)

  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2004-08-20 Published: 2004-08-20

Abstract: For a detection-engine design of an intrusion detection system based on multi-point detection and centralized decision, we propose an implementation strategy for its base detection engine, which is the essential part of the meta detection engine. The strategy applies the sliding-window technique to the data mining algorithm, which greatly improves detection efficiency and detection accuracy. We also present an improvement to the Apriori data mining algorithm for mining network data: the improved algorithm does not need to repeatedly search all items in the database, and when frequent (n-1)-predicate sets are joined to generate candidate n-predicate sets, items with the same predicate are not joined, which again greatly reduces the number of items searched in the next pass and so forms a virtuous cycle. Test results show that the improved algorithm improves efficiency to a large extent and is better suited to mining network data. Other key details of the IDS are also put forward.

Key words: intrusion detection system, data mining, network security

CLC number:

  • TN915.08