
Applications of data mining to network intrusion detection (cited by: 10)
Abstract: Traditional intrusion detection systems suffer from poor adaptability, limited extensibility, and the need for experts to hand-code them. Data mining-based intrusion detection techniques automatically extract knowledge and patterns of abnormal intrusions and normal user profiles from training data, and can therefore properly resolve these problems of traditional IDS. This paper surveys the applications of data mining to network intrusion detection, describes the architecture of a data mining-based intrusion detection system, and explains the basic principles of clustering analysis, classification analysis, association rule analysis and sequential pattern analysis as applied to network intrusion detection, together with the latest research and improvements. Finally, it summarizes existing problems and future research directions.
Source: Computer Engineering and Design (《计算机工程与设计》), CSCD, Peking University Core Journal, 2009, No. 24, pp. 5561-5566, 6 pages
Funding: National Natural Science Foundation of China (60503021, 60875038); Jiangsu Province High-Tech Research Program (BG2006027)
Keywords: intrusion detection; classification; clustering; association rule; frequent episode rule