| 基于数据挖掘的入侵检测设计与实现 |
| |
| 引用本文: | 林萍,冯金刚.基于数据挖掘的入侵检测设计与实现[J].科学技术与工程,2006,6(6):763-767. |
| |
| 作者姓名: | 林萍 冯金刚 |
| |
| 作者单位: | 1. 广东科学技术职业学院计算机工程系,珠海,519090
2. 中国工商银行软件开发中心,珠海,519080 |
| |
| 摘 要: | 在现有的Intrusion Detection System(IDS)中,如果出现新的攻击方法或者网络环境的改变,经常需要更新已安装的IDS系统,但更新IDS特征库和适应网络环境是一个费时而缓慢的过程。利用数据挖掘技术,通过学习已有的攻击和正常活动数据。提取攻击规则,然后把这些规则应用到误用检测和异常检测中,这样系统可以有很高的自适应性。规则的更新和系统的更新很快费用也很低廉,而且检测率较高,通过实验证明将数据挖掘运用到入侵检测系统中是可行的、有效的。
|
| 关 键 词: | 数据挖掘 入侵检测 规则库 检测率 误警率 |
| 文章编号: | 1671-1815(2006)06-0763-05 |
| 收稿时间: | 2005-11-23 |
| 修稿时间: | 2005年11月23 |
Research and Implementation of Intrusion Detection Based on Data Mining |
| |
| LIN Ping,FENG Jingang.Research and Implementation of Intrusion Detection Based on Data Mining[J].Science Technology and Engineering,2006,6(6):763-767. |
| |
| Authors: | LIN Ping FENG Jingang |
| |
| Abstract: | There is often the need to update an installed Intrusion Detection System (IDS) due to new attack methods or upgraded computing environments. Since many current IDSs are constructed by manual encoding of expert knowledge, changed to IDSs are expensive and slow. However, the data mining techniques in discovering behavior features have a big advantage. In this models, first features and rules from the training data are extracted, then using these rules to detect new intrusion, by using this means, updating rules and system will be more faster and cheaper. The diction rate is high, the result proves that using data mining technology for building Intrusion Detection System is feasible and availably. |
| |
| Keywords: | data mining IDS feature rules detection rate false alarm rate |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《科学技术与工程》浏览原始摘要信息 |
| 点击此处可从《科学技术与工程》下载免费的PDF全文 |
