Abstract
To address the limitations of existing intrusion detection systems, which respond slowly to the network environment and require considerable manual intervention, a new network intrusion detection method based on agent technology and clustering analysis is proposed. Agent technology is used to give the intrusion detection system a distributed design, and hierarchical control agents provide autonomous control of the system. Network data is analyzed with a data mining technique based on the fuzzy C-means (FCM) algorithm, and a weighting algorithm is used to improve the FCM algorithm and raise the system's detection capability. The results show that the system reduces manual intervention, responds faster to the network environment, and improves intrusion detection performance.
Source
Microelectronics & Computer (《微电子学与计算机》)
Indexed in: CSCD; Peking University Core Journals
2013, Issue 3, pp. 165-168 (4 pages)
Funding
National Natural Science Foundation of China project (60874582)
Keywords
intrusion detection system
agent
data mining
fuzzy C-means algorithm
weighting algorithm