| 基于数据挖掘的实时入侵检测技术的研究 |
| |
| 引用本文: | 胡敏,潘雪增,平玲娣.基于数据挖掘的实时入侵检测技术的研究[J].计算机应用研究,2004,21(1):105-108. |
| |
| 作者姓名: | 胡敏 潘雪增 平玲娣 |
| |
| 作者单位: | 浙江大学,计算机科学与技术学院,浙江,杭州,310027 |
| |
| 基金项目: | 国家创新基金资助项目(00c26213300785),浙江省自然科学基金资助项目(001101104) |
| |
| 摘 要: | 探讨了实时环境下运用基于数据挖掘技术的入侵检测系统,针对传统入侵检测系统的局限性,就正确度、效率以及可用性三方面的问题提出了相应的解决办法,可以在保证正确度的情况下又能同时提高效率,并采用提出的方法开发了一个基于数据挖掘的实时入侵检测系统,使得共享和存储审计数据以及发布全新或更新模型变得容易,同时也提高了IDS的效率和可扩展性。
|
| 关 键 词: | 入侵检测 误用检测 异常检测 数据挖掘 |
| 文章编号: | 1001-3695(2004)01-0105-04 |
| 修稿时间: | 2003年1月6日 |
Research on Data Mining-based Intrusion Detection in Real-time Environment |
| |
| HU Min,PAN Xue-zeng,PING Ling-di.Research on Data Mining-based Intrusion Detection in Real-time Environment[J].Application Research of Computers,2004,21(1):105-108. |
| |
| Authors: | HU Min PAN Xue-zeng PING Ling-di |
| |
| Abstract: | This paper focuses on issures related to deploying a data mining-based IDS (Intrusion Detection System) in a real time environment To overcome the limitations of traditional IDS, the corresponding solutions to accurracy, efficiency and usability is presented.These solutions impove efficiency of traditional DOS and maintain a desired accuracy level. This paper also proposed an architecture consisting of sensors, detectors, a data warehouse and model generation components. This architecture facilitates the sharing and storage of audit data and the distribution of new or updated models. Also, it improves the efficiency and scalability of the traditional IDS. |
| |
| Keywords: | Intrusion Detection Misuse Detection Anomaly Detection Data Mining |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
