摘要
针对审计日志记录的特性,本文提出了一种基于聚集信息矩阵的高效增量式关联规则的挖掘算法,并解决了当最小支持度改变以及审计数据动态更新时相应的关联规则的更新问题。算法提高了审计日志数据库关联规则挖掘的效率,更加适用于入侵检测系统,能基本满足实时入侵检测系统的需要。
Corresponding to characteristic of the audit record, this paper proposes a high efficiency incremental association mining algorithm based on information collecting matrix. The algorithm resolve the problem that how to update the association rules in a database when minimum support changed or new transactions are added to the database. The algorithm improves the efficiency of the association mining, can fulfill the request if the real time system and apply to intrusion detection system.
出处
《微计算机信息》
北大核心
2006年第10X期49-51,71,共4页
Control & Automation
基金
华为基金"无线流媒体版权保护技术研究"资助(YJCB2004009NP)
教育部博士点基金资助课题(No:20040487009)
关键词
入侵检测
关联规则挖掘
聚集信息矩阵
关联向量
Intrusion detection,Association mining,Information collecting matrix,Association vector