摘要
由于不同网络协议有不同的属性值,不同的数据集可被用来检测网络入侵.该文提出了一种基于决策树的协同网络入侵检测模型,该模型是由多个代理组成,每个代理针对不同的网络数据协议类型(TCP/UDP/ICMP)分别履行检测,且它们又通过协同构成一个整体检测体系.最后用KDD CUP 99数据进行实验,验证了该方法检测入侵行为的有效性.
Because different network protocols have different attributes,different data could be used to detect network intrusion.A cooperative network intrusion detection model based on decision tree is be proposed.This model is coposed of multi-agents,each agent is constructed for different protocol which is used to detect the network and they construct a detection architecture by cooperation.At last the data sets of KDD CUP99 are used as the experiment data,and the results show the efficiency of our method.
出处
《江西师范大学学报(自然科学版)》
CAS
北大核心
2010年第3期302-307,共6页
Journal of Jiangxi Normal University(Natural Science Edition)
基金
广东省自然科学基金(06021484
9151009001000007
9451009001002777)
广东省科技计划(2008A060201011)资助项目
关键词
决策树
协同
网络入侵检测
协议类型
decision tree
cooperative
network intrusion detection
protocol type