| 检测分析技术在网络预警系统中的应用研究 |
| |
| 引用本文: | 谢振国,凌捷.检测分析技术在网络预警系统中的应用研究[J].现代计算机,2011(3):74-78. |
| |
| 作者姓名: | 谢振国 凌捷 |
| |
| 作者单位: | 广东工业大学计算机学院 |
| |
| 基金项目: | 广东省自然科学基金项目(No.9151009001000043);广东省科技计划项目(No.2009B060700002) |
| |
| 摘 要: | 为了提高网络预警系统的效率,将协议分析和改进的Apriori算法应用于检测分析模块,提出了一种新型的网络入侵检测模型。在该模型中,首先将截获的数据包结合历史数据包数据库进行协议分析,找出可能存在的入侵行为的相关数据包,然后采用改进的Apriori算法对这些数据包进行关联分析,最终获得检测结果。实验说明该模型与传统网络入侵检测系统(NIDS)相比,具有更低的漏检率。
|
| 关 键 词: | 网络入侵检测系统 数据挖掘 Apriori算法 协议分析 |
Research on the Application of Inspection and Analysis Technology in Network Early-Warning System |
| |
| XIE Zhen-guo,LING Jie.Research on the Application of Inspection and Analysis Technology in Network Early-Warning System[J].Modem Computer,2011(3):74-78. |
| |
| Authors: | XIE Zhen-guo LING Jie |
| |
| Affiliation: | (College of Computer,Guangdong University of Technology,Guangzhou 510006) |
| |
| Abstract: | To increase the efficiency of network early-warning system,applies improved Apriori algorithm and protocol analysis to the detection module,designs a new network intrusion detection model.Based on the model,integrates the currently data packet with historical data packet to process a protocol analysis,then the data packet that correlated with possiblely intrusion affair could be found out.Then uses the improved Apriori algorithm to association analysis to these data packs and gets the results of test.The experiment shows that this model has a lower missing rate compared to the traditional network intrusion detection system(NIDS). |
| |
| Keywords: | Network Intrusion Detection System Data Mining Apriori Algorithm Protocal Analysis |
| 本文献已被 CNKI 等数据库收录! |
