摘要
提出了一种基于数据挖掘技术建立入侵检测系统的方法,讨论了该系统实现中的关键技术及其解决方法,包括:数据挖掘算法技术、特征选择技术、入侵检测模型构造技术及数据预处理技术等,从一个针对网络的TCPDump数据进行的基于数据挖掘的入侵检测实验中评估了用这种方法的有效性并总结了今后的研究方向。
A new model is proposed for the intrusion detection system based on the data mining in this paper. We discuss some key technical problems and their solutions, which include the data mining technique, character choice technology, intrusion detection model construction technology , and the data pre-processing technology, which are important in the system implementation. Using experiments on the network TCPDump data, we demonstrate that we can construct concise and accurate classifiers to detect anomalies. The research direction in the future of this system is also summarized. ;
出处
《计算机工程》
CAS
CSCD
北大核心
2002年第6期9-10,169,共3页
Computer Engineering
基金
国家重点基础研究发展规划项目(G1999035806)
中国科学院知识创新工程重大项目()KGCX1-09
