| 基于数据挖掘的网络数据库入侵检测系统 |
| |
| 引用本文: | 王丽娜,董晓梅,郭晓淳,于戈.基于数据挖掘的网络数据库入侵检测系统[J].东北大学学报(自然科学版),2003,24(3):225-228. |
| |
| 作者姓名: | 王丽娜 董晓梅 郭晓淳 于戈 |
| |
| 作者单位: | 东北大学信息科学与工程学院,辽宁沈阳,110004 |
| |
| 基金项目: | 国家自然科学基金资助项目 ( 90 10 40 0 5,60 173 0 5 1),国家“八六三”高技术计划CIMS主题项目 ( 2 0 0 1AA415 2 10 ) |
| |
| 摘 要: | 提出一种基于数据挖掘的网络数据库入侵检测模型 (NDBIDS) ·讨论了NDBIDS的结构及各部件的功能·利用关联规则Apriori算法 ,对用户正常历史数据进行挖掘 ,并对产生的规则进行归并更新 ,通过训练学习生成异常检测模型 ,并利用此模型实现基于数据挖掘的异常检测·NDBIDS可以检测伪装攻击、合法用户的攻击和攻击企图三种类型的攻击 ,通过实验给出了相应攻击的检测率、假报警率、漏报率和检测正确率·本系统的建立不依赖于经验 ,具有较强的灵活性
|
| 关 键 词: | 数据挖掘 关联规则 入侵检测 攻击 数据库安全 |
| 文章编号: | 1005-3026(2003)03-0225-04 |
| 修稿时间: | 2002年4月12日 |
Research on Intrusion Detection System for Network Database based on Data Mining |
| |
| WANG Li na,DONG Xiao mei,GUO Xiao chun,YU Ge.Research on Intrusion Detection System for Network Database based on Data Mining[J].Journal of Northeastern University(Natural Science),2003,24(3):225-228. |
| |
| Authors: | WANG Li na DONG Xiao mei GUO Xiao chun YU Ge |
| |
| Institution: | (1) Sch. of Info. Sci. and Eng., Northeastern Univ., Shenyang 110004, China |
| |
| Abstract: | An intrusion detection system model for network database NDBIDS based on data mining was proposed. The framework of the intrusion detection system and the function of components were discussed. The users' normal historical data were mined by the Apriori association rule algorithm. The anomaly detection model was implemented by merging and updating the rules. Three kinds of attacks, masquerading, penetration and intrusion attemp, can be detected by NDBIDS. The corresponding detection rate, false alarm rate, missing report rate and correctness rate were computed. The construct of system does not depend on experiences, so it has good flexibility. |
| |
| Keywords: | data mining association rule intrusion detection attack database security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《东北大学学报(自然科学版)》浏览原始摘要信息 |
| 点击此处可从《东北大学学报(自然科学版)》下载免费的PDF全文 |
