| WA-IDS: A Distributed Intrusion Detection System Based on Data Mining |
| |
| 作者姓名: | SUNJian-hua JINHai CHENHao HANZong-fen |
| |
| 作者单位: | ClusterandGridComputingLab,HuazhongUniversityofScienceandTechnology,Wuhan430074,Hubei,China |
| |
| 基金项目: | SupportedbytheKeyNatureScienceFoundationofHubeiProvince(2001ABA001)andtheWuhanCityHiTechProject(20031003027) |
| |
| 摘 要: | Aiming at the shortcomings in intrusion detection systems (IDSs) used in commercial and research fields, we propose the MAIDS system, a distributed intrusion detection system based on data mining. In this model, misuse intrusion detection system (MIDS) and anomaly intrusion detcction system (AIDS) are combined. Data mining is applicd to raise detection performance, and distributed mechanism is employed to increase the scalability and efficiency. Host- and network based mining algorithms employ an improved Bayesian decision theorem that suits for real security environment to minimize the risks incurred by false decisions. We describe the overall architeeture of thc MA-IDS system, and discusss pecific design and implementation issue.
|
| 关 键 词: | 入侵检测 WA-IDS 数据挖掘 分布式系统 计算机安全 |
| 收稿时间: | 10 May 2004 |
MA-IDS: A distributed intrusion detection system based on data mining |
| |
| SUNJian-hua JINHai CHENHao HANZong-fen.MA-IDS: A distributed intrusion detection system based on data mining[J].Wuhan University Journal of Natural Sciences,2005,10(1):111-114. |
| |
| Authors: | Sun Jian-hua Jin Hai Chen Hao Han Zong-fen |
| |
| Institution: | (1) Cluster and Grid Computing Lab, Huazhong University of Science and Technology, 130074, Hubei Wuhan, China |
| |
| Abstract: | Aiming at the shortcomings in intrusion detection systems (IDSs) used in commercial and research fields, we propose the MA-IDS system, a distributed intrusion detection system based on data mining. In this model, misuse intrusion detection system (MIDS) and anomaly intrusion detection system (AIDS) are combined. Data mining is applied to raise detection performance, and distributed mechanism is employed to increase the scalability and efficiency. Host- and network-based mining algorithms employ an improved Bayesian decision theorem that suits for real security environment to minimize the risks incurred by false decisions. We describe the overall architecture of the MA-IDS system, and discuss specific design and implementation issue. |
| |
| Keywords: | intrusion detection data mining distributed system |
| 本文献已被 CNKI 维普 万方数据 SpringerLink 等数据库收录! |
