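Abstract
Network attacks are becoming increasingly covert and complex, and traditional intrusion detection methods are severely limited against them. This paper proposes combining an intrusion detection system with an SNMP network management system and, based on the essential characteristics of attacks, using data mining techniques to derive detection rules from SNMP network statistics. The method can effectively detect covert and complex attacks.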
Network attacks are becoming more and more covert and complicated, which can deceive traditional intrusion detection methods. This paper discusses the application of data mining in intrusion detection, mining rules from SNMP data according to the essence of network attacks. This method is efficient enough to meet the need for actively detecting complex intrusions.
Source
Computer Engineering (《计算机工程》)
CAS
CSCD
Peking University Core Journals (北大核心)
2004, Issue 2, pp. 20-22 (3 pages)
Funding
Tianjin Science and Technology Development Plan Project (003107511)
Keywords
Simple network management protocol (SNMP)
Data mining
Intrusion detection