| 基于改进关联规则的网络入侵检测方法的研究 |
| |
| 引用本文: | 刘艳云.基于改进关联规则的网络入侵检测方法的研究[J].通信技术,2008,41(12). |
| |
| 作者姓名: | 刘艳云 |
| |
| 作者单位: | 江苏食品职业技术学院,江苏,淮安,223003 |
| |
| 摘 要: | 研究关联规则的高效挖掘算法对于提高入侵检测的准确性和时效性具有非常重要的意义.针对现行的入侵检测方法建立的正常模式和异常模式不够准确、完善,容易造成误警或漏警的问题,本文将改进后的关联规则挖掘算法-XARM和关联规则增量更新算法-SFUP应用于网络入侵检测,提出了新的入侵检测方法,该方法通过挖掘训练审计数据中的频繁项集建立系统和用户的正常行为模型以及入侵行为模型.
|
| 关 键 词: | 关联规则 序列模式 频繁模式 入侵检测 |
Research on Network Intrusion Detection Method Based on Improved Association Rules |
| |
| LIU Yan-yun.Research on Network Intrusion Detection Method Based on Improved Association Rules[J].Communications Technology,2008,41(12). |
| |
| Authors: | LIU Yan-yun |
| |
| Affiliation: | LIU Yan-yun (Jiangsu Food Science College,Huaian Jiangsu 223003,China) |
| |
| Abstract: | The research of efficient association rules mining algorithm has important value for improving accuracy and efficiency of IDS.Because the user behavior features extracted by current IDS cannot reflect real circumstances,normal and abnormal models are not so accurate and perfect.The paper presents an intrusion detection method based on a fast mining algorithm XARM and an incremental updating algorithm SFUP.This method first constructs user normal and abnormal models by mining training data sets.Then,the real... |
| |
| Keywords: | association rule sequence mode frequent mode IDS |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
