| 基于数据挖掘的智能化入侵检测系统 |
| |
| 引用本文: | 杨向荣,宋擒豹,沈钧毅.基于数据挖掘的智能化入侵检测系统[J].计算机工程,2001,27(9):17-18. |
| |
| 作者姓名: | 杨向荣 宋擒豹 沈钧毅 |
| |
| 作者单位: | 西安交通大学计算机科学与技术系 |
| |
| 基金项目: | 国家863高技术项目(863-306QN2000-5),西安交通大学科学研究基金支持项目 |
| |
| 摘 要: | 文中提出了一种具有自学习、自完善功能的入侵监测模型,可发现已知和未知的滥用入侵和异常入侵活动。在提出的模型中,移动Agent将收集到的各个活动监测Agent采集的数据发送给事件序列生成器,事件序列生成器将由此产生的事件序列提交给数据挖掘引擎进行证据发现,检测引擎对发现的证据和已有规则间的相似性进行评估后由决策引擎做最终的裁决,并据此维护规则库和对各个活动监测Agent发出对抗指令。
|
| 关 键 词: | 入侵检测 数据挖掘 计算机信息安全 |
| 文章编号: | 1000-3428(2001)09-0017-02 |
| 修稿时间: | 2001年1月1日 |
Data Mining Based Intelligent Intrusion Detection System |
| |
| YANG Xiangrong,SONG Qinbao SHEN Junyi.Data Mining Based Intelligent Intrusion Detection System[J].Computer Engineering,2001,27(9):17-18. |
| |
| Authors: | YANG Xiangrong SONG Qinbao SHEN Junyi |
| |
| Abstract: | In this paper we present an intrusion detection system model with the functions of self-learning and self-completing, which can detect the known and novel intrusion activities. In this model, the mobile agent gathers the data collected by the active detection agents and sends it to the event sequence generator. The later preprocess the data and commit the event sequences to data mining engine in order to form the evidence. The detection engine assesses the degree of similarity between the evidence and the rules in rule-lib, then the decision-making engine makes the final adjudication, it also maintains the rule-lib and sends instructions to all active detection agents to deal with various intrusions. |
| |
| Keywords: | Intrusion detection Data mining Computer information security |
| 本文献已被 CNKI 万方数据 等数据库收录! |
