Abstract
To address the shortcomings of the network intrusion detection system Snort, a secondary detection system model based on data mining technology is proposed. The model builds on the Snort system and adds an anomaly-detection mining module, a new-rule generation module, a secondary verification module, and others. It can update the intrusion behavior rule base in real time, improve the system's detection speed, and greatly reduce the false-negative and false-positive rates of the Snort system.
Source
Journal of Tianjin Vocational Institutes (《天津职业院校联合学报》)
2010, Issue 2, pp. 49-52 (4 pages)