摘要
基于免疫原理,提出一种数据库入侵检测方法,利用SQL Server 2000的事件探查器完成了对历史审计数据和测试数据的采集,实现了基于免疫的数据库异常检测方法.为了验证提出算法的有效性,在相同测试集上,同基于关联规则的数据库异常检测和基于序列模式的数据库异常检测的方法进行了实验数据比较,结果表明基于免疫的数据库入侵检测在降低漏报率和假报率,提高检测率和正确率方面优于其他两种方法,具有较好的性能.
In this paper, an intrusion detection approach for Database proposed based on immune theory, the Microsoft SQL Server 2000 profiler was utilized to collection history audit data and test data. , the anomaly detection algorithrn for database based on immunology was implemented. To validate the validity of the proposed algorithm, applied to the same testing data. , the existing association rule mining anomaly detection method and sequential pattern mining anomaly detection method was compared on experimental data. The results show that the database intrusion detection based on immunology is better than the other two methods in reducing the failing and false report ratio and promoting detection ratio and correct ratio, is more effective.
出处
《小型微型计算机系统》
CSCD
北大核心
2009年第12期2343-2347,共5页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(60873199)资助
关键词
数据库入侵检测
异常检测
关联规则挖掘
序列模式挖掘
免疫原理
database intrusion detection
anomaly detection
association rule mining
sequential pattern mining
immune theory
