Abstract
This paper designs a network intrusion detection system model based on data mining techniques. Building on the Snort intrusion detection system, the model uses data mining to add a clustering analysis module, an anomaly detection engine and a correlation analyzer. The system can not only detect new intrusions effectively but also increase detection speed, so it meets real-time requirements while solving the problem that general network intrusion detection systems are powerless against new intrusions.
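Source
Computer Engineering and Applications (《计算机工程与应用》)
CSCD
Peking University Core Journal
2008, Issue 14, pp. 134-137 (4 pages)
Funding
Guangzhou Technology Innovation Fund for Technology-based Small and Medium-sized Enterprises (No. 2007V43C0091)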