Abstract
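Intrusion detection systems have applied many intelligent information processing methods, and data mining among others has been applied in IPv4 to improve detection performance. The implemented system first uses Libpcap to capture experimental data packets, constructs a decision table from the data, and performs rough set reduction. The preprocessed data then undergoes rule-constrained association mining. Finally, a similarity comparison algorithm performs pattern comparison to complete intrusion detection. The system applies data-mining-based intrusion detection to the IPv6 environment, and improvement strategies for optimization are proposed in the course of implementing the system. Experiments show that the system works well in an IPv6 environment.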
Many intelligent information processing methods, such as data mining technology, have been applied to improve detection accuracy for IPv4 networks. First, the system obtains experimental data packets with Libpcap and constructs a decision table from the data to perform rough set reduction. Secondly, it preprocesses the data and then mines association rules under rule constraints. Finally, it completes pattern comparison with a similarity comparison algorithm to achieve intrusion detection. The system presents an intrusion detection model for IPv6 networks and proposes a strategy for system optimization. The system can work well for intrusion detection in IPv6 networks.
Source
《贵州大学学报(自然科学版)》 (Journal of Guizhou University: Natural Sciences)
2013, Issue 2, pp. 60-65 (6 pages)
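Funding
Guizhou Provincial Science and Technology Fund (黔科合J字LKS[2011]8号)
Bidding Project of the Guizhou Provincial University Humanities and Social Sciences Research Base (12JD059)
Guizhou Normal University Funded Doctoral Research Project (Research on an IPv4/IPv6 virtual machine micro-mobility migration system based on the MDT-FHMIPv6 protocol)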