摘要
入侵检测系统(IDS)是保障信息安全的重要手段。分析了机器学习应用于网络连接级的异常检测模型的过程,然后建立了异常检测系统原型,以验证此方法用于IDS的可能性及所能达到的性能。实验以DARPA网络数据为例,对数据的特征进行了分析、选取及构造,并针对多种情况进行了测试。实验结果表明,该IDS系统具有很好的检测性能。最后对结果进行了分析,并得出了几个有用的结论。
Intrusion detection system(IDS)is a very important instrument in the domain of information security.Machine
learning was used to construct an IDS model on network connection level in order to test the feasibility and its performance.Ex-
perimental results using a set of benchmark data from DARPA have shown that the performances of this anomaly detection system
are fairly high.At the end,some useful conclusions were drawn according to the results.
出处
《计算机工程与设计》
CSCD
2004年第5期694-696,共3页
Computer Engineering and Design
基金
普天首信重大科研基金(021125)