Abstract
Intrusion detection is a security technology that proactively protects networks against hacker attacks; it is a new generation of network security technology that follows traditional protective measures such as firewalls and data encryption. Current intrusion detection systems (IDSs) have limited extensibility in the face of changed or upgraded network configurations, and poor adaptability to new attack patterns. An IDS based on data mining has a degree of self-learning and self-improvement capability and can detect both known and unknown intrusion activity. This paper analyzes the research methods, architecture, and open problems of applying data mining techniques to intrusion detection systems.
Source
Modern Electronics Technique (《现代电子技术》)
2004, No. 6, pp. 25-27 (3 pages)
Keywords
intrusion detection
data mining
network security
hacker