| 数据挖掘技术在网络入侵检测中的应用 |
| |
| 引用本文: | 陈晓华,罗代升,何小海.数据挖掘技术在网络入侵检测中的应用[J].西南民族学院学报(自然科学版),2003,29(6):762-765. |
| |
| 作者姓名: | 陈晓华 罗代升 何小海 |
| |
| 作者单位: | [1]四川大学计算机学院,成都610064 [2]四川大学电子信息学院,成都610064 |
| |
| 摘 要: | 研究了系统化的通用入侵检测方法,其核心思想是使用数据挖掘技术去建立正常的系统和用户行为模式,使用Tcpdump抓取网络数据包,采用两种数据挖掘方法对网络数据包进行分析。同时,为了满足有效学习(挖掘)和实时检测的双重挑战,提出了一个构建网络入侵检测系统的基于代理的体系结构。
|
| 关 键 词: | 数据挖掘 网络入侵检测系统 网络数据包 网络安全 分类器 |
| 文章编号: | 1003-2843(2003)06-0762-04 |
| 修稿时间: | 2003年9月23日 |
Application of data mining technique for network-based intrusion detection |
| |
| CHEN Xiao-hua,LUO Dai-shcng,HE Xiao-hai.Application of data mining technique for network-based intrusion detection[J].Journal of Southwest Nationalities College(Natural Science Edition),2003,29(6):762-765. |
| |
| Authors: | CHEN Xiao-hua LUO Dai-shcng HE Xiao-hai |
| |
| Abstract: | The aim of the paper is to develop a general and systematic method for intrusion detection. The key ideas are to use data mining techniques to discover system features that show the normal pattern of system and user behavior. In this paper, we use two methods of data mining to analyze network data packet captured by Tcpdump. In addition, to meet the challenge of effective learning (mining) and real-time detection, we propose an agent-based architecture to build up an intrusion detecting system |
| |
| Keywords: | intrusion detection system data mining |
| 本文献已被 CNKI 维普 等数据库收录! |
