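Abstract
To address problems common to intrusion detection systems, such as high false-negative and false-positive rates and signature databases that need frequent upgrades and updates, an intrusion detection system based on an association rule mining algorithm was built for the network environment of the Institute of High Energy Physics, Chinese Academy of Sciences. The system generates general detection rules from training data and uses those rules to detect new attacks. Experiments show that the system achieves good detection speed and detection rate for unknown attacks.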
To address problems in traditional IDSs, e.g. high missed-detection and false-alarm rates and a feature library that needs frequent upgrades, this paper presents a new intrusion detection system based on an association-rule mining algorithm, built for the IHEP network environment. The system can detect unknown attacks by generating rules from training data. Experiments showed that the system has great accuracy and performance in detecting both unknown and known attacks.
Source
《核电子学与探测技术》
CAS
Peking University Core Journal
2015, Issue 2, pp. 119-123 (5 pages)
Nuclear Electronics & Detection Technology
Funding
National Science and Technology Project (2012BAH14B02)
Supported by the National Information Security Special Project (发改办高技[2012]1424号)