摘要
针对传统入侵检测规则手工定制的弊端和可扩展性差、适应性差等缺点,设计一种基于数据挖掘技术的可行入侵检测系统模型。模型中引入数据挖掘技术使其能得到计算机系统入侵行为和正常行为,并利用异常检测和误用检测的各自优势,引入混合入侵检测引擎模块。经分析,该检测模型比传统的检测模型有着明显的优势。
Based on the main shortcomings of traditional intrusion detection rules which is manual customization and poor adapt-ability,this paper designs an intrusion detection model based on data mining technologylarge.The model use data mining techniques to get the computer system intrusions and normal behavior,and introduce hybrid intrusion detection engine module by respective advantages of anomaly detection and misuse detection.Compared with traditional model,the model has obvious advantaqe by analysing.
出处
《工业控制计算机》
2012年第6期91-91,96,共2页
Industrial Control Computer
关键词
入侵检测
数据挖掘
模型
intrusion detection,data mining,model
