基于数据挖掘的入侵检测体系

The Intrusion Detection System Using Data Mining

入侵检测技术是一种主动保护网络免受黑客攻击的安全技术,它是继防火墙、数据加密等传统安全保护措施后的新一代的网络安全保障技术。当前的入侵检测系统在网络的变化或升级上缺乏扩展性,对新的攻击模式缺乏自适应性。提出了一种基于数据挖掘的入侵检测模型,该模型具有一定的自学习性和自完善性,可以检测已知或未知的入侵行为。

Following tradition security protect technology, such as firewall and data encryption, Intrusion detection, which can prevent the network from being attacked by hackers, is a new network security technology. The current IDSs have limited extensibility in the face of changed or upgraded network configurations, and poor adaptability in the face of new attack methods. This paper presents a data-mining-based IDS model which has the functions of self-learning and self-completing. It can detect the known and unknown instructionactivities.