基于数据挖掘的入侵检测研究

Study on Data Mining Based Intrusion Detection for Network

下载PDF

导出

摘要网络入侵检测系统已经成为网络安全架构的一部分。但是当前的NIDS(network intrusion detection system)在未知攻击的检测上都存在虚警率过高的问题。首先对在线和离线系统的优缺点做了对比,重点介绍了分类器的集成学习和多检测器关联以及数据挖掘方法中的一些实用技术,然后介绍现存的系统和评价数据集,最后总结了入侵检测领域的工作并给出了这个领域的发展方向。 Network intrusion detection systems have become a part of security infrastructures. Unfortunately, high false alarm rate exists in current systems at detection unknown attacks. Firstly, the advantages and disadvantages between online system and offline system were compared, an integrated learning method of classifier and multi-sensor relation and some applicable techniques about data mining method were discussed in detail. Then many current intrusion detection system and evaluation datasets were introduced. Finally, the work in intrusion detection area was summarized ; the developing trend was given.

作者陈钢秦茗张红梅

机构地区上海司太立有限公司上海工业自动化仪表研究所华东理工大学信息学院

出处《自动化仪表》 CAS 2006年第6期14-17,21,共5页 Process Automation Instrumentation

关键词入侵检测数据挖掘机器学习统计学习 Intrusion detection Data mining Machine learning Statistical learning

分类号 TP3 [自动化与计算机技术—计算机科学与技术]

引文网络
相关文献

参考文献12

1卿斯汉,蒋建春,马恒太,文伟平,刘雪飞.入侵检测技术研究综述[J].通信学报,2004,25(7):19-29. 被引量：234
2Bass,T.Intrusion detection systems and multisensor data fusion.Communications of the the ACM 2000,43(4):99-105.
3Lee W.and D.Xiang.Information-theoretic measures for anomaly detection[C]//Proc.of the 2001 IEEE Symp.on Security and Privacy.Oakland:IEEE Computer Society Press,2000:130-143.
4Dickerson,J.E.and J.A.Dickerson.Fuzzy network profiling for intrusion detection[C].// Proc.of NAFIPS 19th International Conference of the North American Fuzzy Information Processing Society (NAFIPS),Atlanta,2000:301-306.
5Lee W.and S.J.Stlfo.A framework for constructing features and models for intrusion detection systems[J].Information and System Security,2000,3(4):227-261.
6Lee W.,S.J.Stolfo.Real time data mining-based intrusion detection[C]//Proc.Second DARPA Information Survivability Conference and Exposition,Anaheim,CA:IEEE Computer Society,2001:85-100.
7Helmer G.,J.Wong,V.Honavar,and L.Miller.Automated discovery of concise predictive rules for intrusion detection.Iowa State Univ.,Ames,IA.1999:99.
8Lane T.D.Machine Learning Techniques for the computer security domain of anomaly detection[D].West Lafayetta:Purdue Univ:2000.
9Lee W.and S.J.Stolfo.Data mining approaches for intrusion detection[C]//Proc.of the 7th USENIX Security Symp.,San Antonio,TX.USENIX.1998.
10Kumar S.Classification and Detection of Computer Intrusions[D].West Lafayette:Purdue Univ.,1995.

二级参考文献46

1LEE W,STOLFO S,MOK K. A data mining framework for adaptive intrusion detection[EB/OL]. http://www.cs.columbia.edu/~sal/ hpapers/framework.ps.gz.
2LEE W, STOLFO S J, MOK K. Algorithms for mining system audit data[EB/OL]. http://citeseer.ist.psu.edu/lee99algorithms.html. 1999.
3KRUEGEL C, TOTH T, KIRDA E.Service specific anomaly detection for network intrusion detection[A]. Proceedings of the 2002 ACM Symposium on Applied Computing[C]. Madrid, Spain, 2002. 201-208.
4LIAO Y, VEMURI V R. Use of text categorization techniques for intrusion detection[A]. 11th USENIX Security Symposium[C]. San Francisco, CA, 2002.
5An extensible stateful intrusion detection system[EB/OL]. http://www.cs.ucsb.edu/~kemm/NetSTAT/doc/index.html.
6ILGUN K. USTAT: A Real-Time Intrusion Detection System for UNIX[D]. Computer Science Dep University of California Santa Barbara, 1992.
7The open source network intrusion detection system [EB/OL]. http://www.snort.org/.
8KO C, FINK G, LEVITT K. Automated detection of vulnerabilities in privileged programs by execution monitoring[A]. Proceedings of the 10th Annual Computer Security Applications Conference [C]. Orlando, FL: IEEE Computer Society Press, 1994. 134-144.
9Computer security & other applications of immunology[EB/OL]. http://www.cs.unm.edu/~forrest/isa_papers.htm.
10GRUNDSCHOBER S. Sniffer Detector Report[R]. IBM Research Division Zurich Research Laboratory Global Security Analysis Lab, 1998.

共引文献233

1黄彬.企业网络边缘安全防护管理的研究[J].计算机产品与流通,2020,9(4):51-51.
2伍海波,陶滔.一种用于并行入侵检测系统的数据分流策略[J].计算机系统应用,2008,17(11):29-31. 被引量：1
3王晓霞,唐耀庚,徐宗杨.一种基于改进的BP神经网络的入侵检测方法[J].计算机时代,2009(3):13-15. 被引量：4
4金涛.《地铁报》带来了什么?——瑞典免费报纸竞争策略及其发展趋势[J].新闻记者,2005(2):66-68. 被引量：14
5杨文.入侵检测系统的现状及发展趋势[J].电脑知识与技术（技术论坛）,2005(6):42-44.
6杨德明,潘进,赵爽.基于机器学习的移动自组织网络入侵检测方法[J].计算机应用,2005,25(11):2557-2558. 被引量：3
7吴建胜,战学刚.基于TCP状态有限自动机的入侵检测研究[J].鞍山科技大学学报,2005,28(5):368-371. 被引量：3
8吴庆涛,邵志清.入侵检测研究综述[J].计算机应用研究,2005,22(12):11-14. 被引量：19
9李黄珍.渴,渴,渴！——体育经营管理人才告急[J].职业,2005(12):42-43.
10钟旺伟,黄小鸥.入侵检测系统通用模型的分析与研究[J].现代计算机,2006,12(3):86-89.

1Xinsheng Wang Hongxia Li.Improvement and Implementation of Network Intrusion Detection System[J].通讯和计算机（中英文版）,2006,3(1):48-52.
2戴宁燕.基于GIS技术的苏州有线网络资源管理系统的建设与实施[J].广播与电视技术,2014,41(11):20-25. 被引量：3
3贾志平,杨武,云晓春.一个分布式高效网络入侵检测系统[J].微计算机信息,2006(01X):33-35. 被引量：6
4XuesongWang,Guangzhan Feng.Research on the Network Intrusion Detection System based on Modified Particle Swarm Optimization Algorithm[J].International Journal of Technology Management,2016(1):56-58.
5刘凤龙,丁照石.动力电池焊接机器人离线系统编程系统设计[J].产业与科技论坛,2013,12(3):87-88.
6台德艺,王昆仑,郭昌建.交互式科研信息管理系统的研究[J].计算机系统应用,2009,18(5):1-4. 被引量：2
7张春瑞,王开云,高行宇,赵伟锋.基于漏洞扫描的入侵检测规则屏蔽方法研究[J].计算机应用与软件,2008,25(7):259-260.
8舒炎泰,金志刚,刘根成.PERFORMANOE EVALUATION OF HT-7 DATA PROOESSING SYSTEM[J].Transactions of Tianjin University,1999,5(1):7-11.
9Huang Guangqiu Peng Xuyou Lv Dingquan.Implementation of Network Intrusion Detection System Based on Density-based Outliers Mining[J].微计算机信息,2005,21(11X):78-81.
10罗克韦尔自动化SequenceManager解决方案可增强过程应用的功能和可扩展性[J].电气时代,2016(8):72-72.

自动化仪表

2006年第6期

浏览历史

内容加载中请稍等...

基于数据挖掘的入侵检测研究

参考文献12

二级参考文献46

共引文献233

相关作者

相关机构

相关主题

浏览历史