| 入侵检测中对系统日志审计信息进行数据挖掘的研究 |
| |
| 引用本文: | 蒋嶷川,田盛丰.入侵检测中对系统日志审计信息进行数据挖掘的研究[J].计算机工程,2002,28(1):159-161. |
| |
| 作者姓名: | 蒋嶷川 田盛丰 |
| |
| 作者单位: | 北方交通大学计算机与信息技术学院,北京,100044 |
| |
| 摘 要: | 入侵检测系统是用来检测网络入侵行为的工具,入侵检测系统的关键在于其安全模式规则的准确性,网络系统中存在大量的日志审计数据,在这些日志审计数据中含有许多与安全有关的信息,入侵检测系统可以从日志审计数据中提取安全模式规则,但由于这些日志审计数据量非常庞大,因此采用数据挖掘技术从中进行安全模式规则的提取,研究了如何在入侵检测中对系统日志审计信息进行数据挖掘,提出了全套的步骤,并重点论述了采用轴属对日志审计信息进行特征提取。
|
| 关 键 词: | 入侵检测系统 系统日志 审计信息 数据挖掘 计算机网络 |
| 文章编号: | 1000-3428(2002)01-0159-03 |
| 修稿时间: | 2001年4月19日 |
Research on Data Mining to System Log Audit Information in IDS |
| |
| JIANG Yichuan,TIAN Shengfeng.Research on Data Mining to System Log Audit Information in IDS[J].Computer Engineering,2002,28(1):159-161. |
| |
| Authors: | JIANG Yichuan TIAN Shengfeng |
| |
| Abstract: | IDS (Intrusion Detection System) is a tool to detect the network intrusion actions. The key of IDS is the accuracy of the security mode rules. In network system there is a large amount of log audit data which contain much information related to security. So IDS can extract security mode rules from the log audit data. However, as the amount of the log audit date is too large, we can apply data mining technology into security mode rule extraction. This paper studies how to make data mining to system log audit information in IDS, provides the whole steps, and stresses using axis attribute to make character extraction to log audit information. |
| |
| Keywords: | IDS (Intrusion Detection System) Log audit Data mining |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
