| 基于数据挖掘的自适应异常分析 |
| |
| 引用本文: | 祝万涛,欧阳为民,辛洪亮. 基于数据挖掘的自适应异常分析[J]. 计算机工程与设计, 2007, 28(2): 264-266 |
| |
| 作者姓名: | 祝万涛 欧阳为民 辛洪亮 |
| |
| 作者单位: | 上海大学,计算机工程与科学学院,上海,270022;上海大学,计算机工程与科学学院,上海,270022;上海大学,计算机工程与科学学院,上海,270022 |
| |
| 摘 要: | 正常用户行为活动是随时间变化的,一个异常分析系统要能适应这种变化更新正常行为模型,避免误报警.对增量更新算法进行了研究,使用线性回归的方法对相似度进行估计,如果实际相似度与估计值差值大于某个阈值,则产生报警;否则采用改进的滑动窗增量挖掘的方法,更新正常活动模型.并用DARPA-MIT 1999数据集验证其可行性.
|
| 关 键 词: | 异常检测 自适应 数据挖掘 增量挖掘 关联规则 |
| 文章编号: | 1000-7024(2007)02-0264-03 |
| 修稿时间: | 2005-12-29 |
Adaptive anomaly analysis based on data mining theory |
| |
| ZHU Wan-tao,OUYANG Wei-min,XIN Hong-liang. Adaptive anomaly analysis based on data mining theory[J]. Computer Engineering and Design, 2007, 28(2): 264-266 |
| |
| Authors: | ZHU Wan-tao OUYANG Wei-min XIN Hong-liang |
| |
| Affiliation: | School of Computer Engineering and Sciences, Shanghai University, Shanghai 200072, China |
| |
| Abstract: | A analysis system must adaptive the changes in normal user behavior patterns and update normal profile to reduce the false alert.To overcome these disadvantages,an adaptive system is developed.If the difference between estimation value using linear regression and fact value beyond a threshold,an anomaly happen.Otherwise we update normal profile employing an improved sliding window approach.The experiments validate this approach using DARPA-MIT 1999 datasets. |
| |
| Keywords: | anomaly detection adaptation data mining incremental mining association rules |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
