Abstract
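Because danger zones are hard to determine in high-traffic network environments, an analysis scheme for alert messages is proposed that mines frequent closed sequences from the alerts. The number of frequent closed itemsets is far smaller than the number of frequent itemsets, and all frequent itemsets can be derived from the frequent closed itemsets. Association analysis over the frequent closed itemsets of alert messages can correlate large numbers of alerts with one another, effectively reducing the number of alerts and improving the efficiency of the danger-model intrusion detection and response system.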
In view of the difficulty of detecting hazardous locations in network traffic, this paper proposes an analysis of alarm messages, from which frequent closed sequences can be mined in the network environment. As the number of closed frequent itemsets is far smaller than that of the frequent itemsets, which can all be obtained from the closed frequent itemsets, a large number of alarm messages can be correlated by a correlation analysis on the frequent closed sequences of the alarm messages. In this way, not only can the number of alarms be reduced, but the efficiency of the intrusion detection and response system can also be improved.
Source
《煤炭技术》
CAS
Peking University Core Journals (北大核心)
2010, Issue 10, pp. 175-176, 179 (3 pages in total)
Coal Technology
Keywords
intrusion-detection system
danger model
frequent pattern
correlation rules