摘要
为了提高入侵检测系统对入侵特征知识的归纳和概括能力,提出了将一种基于模糊等价关系的动态聚类方法应用于对入侵特征集进行层次聚类。实验证明该方法提高了系统识别未知入侵行为的能力,并且通过动态调整参数能使检测在误警率和检测率中达到较好的平衡。
In order to improve IDS's ability of generalization for knowledge of intrusion, a method is put forward that applies fuzzy clustering to obtain hierarchy generation for intrusion feature set. The experiments prove that it can improve ability to detect and attain best balance between rate of detection and rate of false alarms by adjusting parameter.
出处
《计算机工程》
CAS
CSCD
北大核心
2007年第10期153-154,157,共3页
Computer Engineering
关键词
模糊聚类
入侵检测
误警率
检测率
Fuzzy clustering
Intrusion detection
Rate of false alarms
Rate of detection
