| 一种基于动态聚类的异常入侵检测方法 |
| |
| 引用本文: | 杨种学.一种基于动态聚类的异常入侵检测方法[J].计算机工程与设计,2006,27(17):3291-3294. |
| |
| 作者姓名: | 杨种学 |
| |
| 作者单位: | 南京晓庄学院,计算机系,江苏,南京,210017 |
| |
| 摘 要: | 运用数据挖掘方法进行入侵检测已经成为网络安全领域的一个重要研究方向。提出一种动态聚类的数据挖掘方法进行异常入侵检测,该方法将不同用户行为的特征动态聚集,根据各个子的类支持度与预设的检测阈值比较来区分正常与异常。由于动态聚类算法在每次聚类过程中都检验归类的合理性,因此获得很好的聚类效果。实时检测试验得到了较高的检测率和较低的误报率。
|
| 关 键 词: | 入侵检测 异常检测 数据挖掘 动态聚类 |
| 文章编号: | 1000-7024(2006)17-3291-04 |
| 收稿时间: | 2005-07-12 |
| 修稿时间: | 2005-07-12 |
Approach of anomaly intrusion detection using dynamic clustering |
| |
| YANG Zhong-xue.Approach of anomaly intrusion detection using dynamic clustering[J].Computer Engineering and Design,2006,27(17):3291-3294. |
| |
| Authors: | YANG Zhong-xue |
| |
| Affiliation: | Department of Computer Science, Nanjing Xiaozhuang University, Nanjing 210017, China |
| |
| Abstract: | Utilizing data mining techniques in intrusion detection system has become one of important directions in realm of network se-curity. An anomaly intrusion detection approach using dynamic clustering is proposed which can classify the users' activities into differentclusters automatically and identify the normal or abnormal connections by comparing the values of sub cluster and the preset threshold.The algorithm exhibits superior performance in that it checked validity of the clustering in each process. The results show that experimentson real-time intrusion detection achieve higher attack detection rate with lower false positive rate. |
| |
| Keywords: | intrusion detection anomaly detection data mining dynamic clustering |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
