| 一种新型的自适应入侵检测系统的研制 |
| |
| 引用本文: | 陈苒菁,黄天戍.一种新型的自适应入侵检测系统的研制[J].武汉大学学报(理学版),2005,51(3):351-355. |
| |
| 作者姓名: | 陈苒菁 黄天戍 |
| |
| 作者单位: | 武汉大学,电子信息学院,湖北,武汉,430072 |
| |
| 基金项目: | 公安部基金资助项目(200342-823-01) |
| |
| 摘 要: | 针对当前入侵监测系统存在的自适应能力较差、扩展性差的问题,基于面向混合类型数据的快速启发式聚类算法FHCAM和属性约束的模糊规则挖掘算法ACFMAR,提出了一种采用数据挖掘技术的自适应入侵检测系统DMAIDS.该系统通过划分聚类的方法划分出异常入侵记录;模糊关联规则的方法提取入侵模式.通过对1999年举行的数据挖掘大赛所使用的10%子集进行实验,结果表明该系统平均检测率和平均误检率比大赛获得冠军检测方法准确率提高了近2倍,检测率从数据子集1的65.25%自适应提高到数据子集9的85.7%能自适应的检测各种攻击,表明该系统具有很好的应用前景。
|
| 关 键 词: | 入侵检测 数据挖掘 划分聚类 模糊挖掘 |
| 文章编号: | 1671-8836(2005)03-0351-05 |
| 修稿时间: | 2004年12月27 |
Realization of a Novel Adaptive Intrusion Detection System |
| |
| CHEN Ran-jing,HUANG Tian-shu.Realization of a Novel Adaptive Intrusion Detection System[J].JOurnal of Wuhan University:Natural Science Edition,2005,51(3):351-355. |
| |
| Authors: | CHEN Ran-jing HUANG Tian-shu |
| |
| Abstract: | Based the data mining technology, This paper adapt a novel IDS system that make use of heuristic clustering Algorithm and fuzzy mining algorithm. Verification tests are carried out by using the 10% subset of KDD Cup 1999 Data Set, The average detection rate is 71.67% and the average false detection rate is 0.92%.It is about twice as precise as the best system in the KDD Cup. And the detection rate increases from 65.25% (the first subset) to 85.7% (the ninth subset) adaptively. The experimental results reveal that the system can detect variety of intrusions quickly and has a bright future to be used in different areas. |
| |
| Keywords: | intrusion detection data mining partition-based clustering fuzzy mining |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
