
A Method of Database Intrusion Detection Based on Adaptive Model

Cited by: 4
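Abstract (translated from the Chinese): A database intrusion detection method based on an adaptive model (ASIDS) is proposed. The method uses AprioriZ, an association algorithm based on a matrix and a minimum support function, to produce database operation characteristics in the training and adaptive intrusion detection phases; users dynamically adjust the value of the minimum support function according to actual needs, so that operation characteristics are mined more efficiently. A hierarchical clustering algorithm is combined with it to generate a dynamic rule base. An anomaly is judged by computing whether the distance between the operation characteristics of the data under test and the clusters in the rule base exceeds the maximum distance between clusters, which avoids the "sharp boundary" judgment problem of existing detection systems. Normal operation characteristics are merged into the dynamic rule base in real time, and correlation analysis of the alarm information lowers the false alarm rate. The experimental results show that ASIDS can perform intrusion detection in real time, with a high detection rate and a low false alarm rate.

Abstract (English, as published): A method of database intrusion detection based on an adaptive model is proposed. First, the concepts of mini-support function and attribute distance are defined. Then, a new association algorithm based on the defined concepts is proposed to extract operating characteristics in a time window. The value of the mini-support function can be dynamically adjusted, so operating characteristics can be extracted more efficiently. Furthermore, a hierarchical clustering algorithm is applied to produce a dynamic clustering rule base. Intrusion can be judged by computing the distance between the operating characteristics and the clusters in the rule base. In this way, the problem of judging the "sharp boundary" in current database intrusion detection systems can be avoided. In the process of intrusion detection, characteristics of normal operation are absorbed by the rule base, and the rule base is updated in time. The experimental results show that intrusion detection has a high correct rate and a low false rate.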
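Source: Transactions of Beijing Institute of Technology (《北京理工大学学报》); indexed in EI, CAS, CSCD, Peking University Core; 2012, Issue 3, pp. 258-262 (5 pages)
Funding: National "863" Program project (2009AA01Z433); National Ministries and Commissions Fund project (A2120110006); Beijing Institute of Technology Basic Research Fund project (20090842003)
Keywords: database security; intrusion detection; association analysis; cluster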