摘要
现有的网络行为异常检测系统存在误报率高、检测效率低的问题,为此设计基于IP集群数据挖掘的网络行为异常检测系统。按需连接数据采集单元与预处理单元,实现检测系统的硬件执行环境搭建。在此基础上,通过构建所需的IP集群组织,设计数据挖掘算法的指令执行步骤,完善挖掘指令执行步骤的处理方式,计算网络行为数据的非常规响应系数,实现检测系统的软件执行环境搭建,结合相关硬件应用设备,完成系统设计。实验结果表明,所设计系统的网络行为异常检测的误报率均在5%以下,时间消耗最短,具有更高的检测效率。
The existing network behavior anomaly detection system has the problems of high false positive rate and low detection efficiency.Hence,a network behavior anomaly detection system based on IP cluster data mining is designed.The system connects the data acquisition unit and preprocessing unit based on needs to build a hardware execution environment.On this basis,we construc the required IP cluster organization,design the instruction execution steps of data mining algorithm,improve the processing method of mining instruction execution steps,calculate the unconventional response coefficient of network behavior data,build the software execution environment of the detection system,combine with the relevant hardware application equipment,and at lastcomplete the system design.The experimental results show that the false positive rate of network behavior anomaly detection of the designed system is less than 5%,the time consumption is shorter,and has higher detection efficiency.
作者
白露
BAI Lu(School of Mathematics and Computer Science,Chifeng College,Chifeng 024000,China)
出处
《微型电脑应用》
2023年第6期153-155,共3页
Microcomputer Applications
关键词
数据挖掘
网络行为
IP集群
异常检测
data mining
network behavior
IP cluster
anomaly detection
