| 数据挖掘技术在入侵检测中的应用研究 |
| |
| 引用本文: | 顾健辉,孙力娟.数据挖掘技术在入侵检测中的应用研究[J].微机发展,2006,16(9):243. |
| |
| 作者姓名: | 顾健辉 孙力娟 |
| |
| 作者单位: | 南京邮电大学计算机学院 江苏南京210003 |
| |
| 基金项目: | 江苏省高校自然科学研究基金项目(04KJB520095) |
| |
| 摘 要: | 随着Internet迅速发展,许多新的网络攻击不断涌现。传统的依赖手工和经验方式建立的基于专家系统的入侵检测系统,由于面临着新的攻击方式及系统升级方面的挑战,已经很难满足现有的应用要求。因此,有必要寻求一种能从大量网络数据中自动发现入侵模式的方法来有效发现入侵。这种方法的主要思想是利用数据挖掘方法,从经预处理的包含网络连接信息的审计数据中提取能够区分正常和入侵的规则。这些规则将来可以被用来检测入侵行为。文中将数据挖掘技术应用到入侵检测中,并对其中一些关键算法进行了讨论。最后提出了一个基于数据挖掘的入侵检测模型。实验证明该模型与传统系统相比,在自适应和可扩展方面具有一定的优势。
|
| 关 键 词: | 数据挖掘 入侵检测 IDS 网络攻击 |
| 文章编号: | 1673-629X(2006)09-0243-03 |
| 修稿时间: | 2005年11月28 |
Application Research of Data Mining Technology to Intrusion Detection |
| |
| GU Jian-hui,SUN Li-juan.Application Research of Data Mining Technology to Intrusion Detection[J].Microcomputer Development,2006,16(9):243. |
| |
| Authors: | GU Jian-hui SUN Li-juan |
| |
| Abstract: | Along with the rapid development of Internet,many new network attacks emerge unceasingly.Traditional intrusion detection system(IDS) based on expert system depending on handwork and experience,is already very difficult to satisfy the existing application request now,because it is facing challenges from new forms of attacks and system upgrade.So it is necessary to find a method that can extract intrusion patterns from substantive network data automatically.The main idea is to apply data mining methods to learn rules that can capture normal and intrusion activities from pre-processed audit data that contain network connection information.These rules can be used to detect intrusion behavior later.In this paper,data mining technology has been applied to intrusion detection, some algorithms of data mining have been discussed.Then a model of data-mining based on intrusion detection system has been proposed.The experiment proved that,compared with the traditional system,this model has certain superiority in auto-adaptive and extensive. |
| |
| Keywords: | data mining intrusion detection IDS network attacks |
| 本文献已被 CNKI 等数据库收录! |
|
