| 基于关联规则的IDS规则库构建应用研究 |
| |
| 引用本文: | 莫家庆,杨帆.基于关联规则的IDS规则库构建应用研究[J].计算机工程与设计,2007,28(23):5621-5623. |
| |
| 作者姓名: | 莫家庆 杨帆 |
| |
| 作者单位: | 肇庆学院,计算机科学系,广东,肇庆,526061 |
| |
| 摘 要: | 入侵检测系统的检测性能很大程度上取决于规则库的更新.网络安全的日益严峻对入侵检测系统的规则提取提出了更高要求.提出了将关联规则算法运用于入侵检测系统规则库更新的设想,阐述了传统的关联规则算法,并针对其入侵检测系统中的应用进行改进.以Snort为例,详细描述了用改进的关联规则算法挖掘网络数据集,然后将结果转换为入侵检测规则的过程,并以实验说明了应用关联规则构建入侵检测系统规则库的可行性.
|
| 关 键 词: | 关联规则 入侵检测规则 规则库 入侵检测系统 算法 关联规则算法 规则库 应用 研究 association rules based library constructing research 实验 过程 检测规则 结果转换 数据集 网络安全 挖掘 描述 Snort 改进 阐述 |
| 文章编号: | 1000-7024(2007)23-5621-03 |
| 收稿时间: | 2007-01-15 |
| 修稿时间: | 2007年1月15日 |
Application research of constructing IDS rules library based on association rules |
| |
| MO Jia-qing,YANG Fan.Application research of constructing IDS rules library based on association rules[J].Computer Engineering and Design,2007,28(23):5621-5623. |
| |
| Authors: | MO Jia-qing YANG Fan |
| |
| Abstract: | The performance of network intrusion detection system(IDS)depends on upgrading of rules greatly. The serious security problems require better performance on upgrading rules. Applying association rules on updating of detective rules library in IDS is as- sumed. The traditional association rules algorithm is analyzed, and some improvement is done aimed at the IDS. By giving an example of Snort, the improved association rules algorithm is applied to mine the network dataset, and the result is translated into intrusion detective rules. The experiment shows feasibility of applying the association rules to construct the IDS rules Library. |
| |
| Keywords: | association rules intrusion detective rules rules library intrusion detection system algorithm |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
