| 一种基于遗传聚类的报警聚合方法 |
| |
| 引用本文: | 熊丽琼,郭帆,余敏.一种基于遗传聚类的报警聚合方法[J].计算机应用,2008,28(4):896-898. |
| |
| 作者姓名: | 熊丽琼 郭帆 余敏 |
| |
| 作者单位: | 江西师范大学,计算机信息工程学院,南昌,330022 |
| |
| 基金项目: | 国家重点基础研究发展规划(973计划)
,
国家重点基础研究发展规划(973计划)面上项目
,
江西师范大学博士基金 |
| |
| 摘 要: | 提出了一种基于遗传聚类算法对入侵检测系统(IDS)报警进行聚合的方法。将报警间属性的相异程度转换到值域区间0.0,1.0]上,两报警间的相异程度用一个相异度矩阵表示;利用遗传算法的自适应优化特性选取较优的聚类中心,根据报警间的相异度矩阵将相似的报警进行聚类;在此基础上,分别对每一类中的报警采用凝聚层次的聚合方法进行聚合。实验结果证明,该方法能够有效地减少重复报警。
|
| 关 键 词: | 报警 聚合 相异度矩阵 遗传聚类算法 |
| 文章编号: | 1001-9081(2008)04-0896-03 |
| 收稿时间: | 2007-10-12 |
| 修稿时间: | 2007年10月11 |
Alert aggregation algorithm based on genetic clustering algorithm |
| |
| XIONG Li-qiong,GUO Fan,YU Min.Alert aggregation algorithm based on genetic clustering algorithm[J].journal of Computer Applications,2008,28(4):896-898. |
| |
| Authors: | XIONG Li-qiong GUO Fan YU Min |
| |
| Affiliation: | XIONG Li-qiong,GUO Fan,YU Min(College of Computer , Information Engineering,Jiangxi Normal University,Nanchang Jiangxi 330022,China) |
| |
| Abstract: | An alert aggregation algorithm was proposed, in which alerts of Intrusion Detection System (IDS) based on genetic clustering algorithm were aggregated. To convert the dissimilarity between two alert attributes into the value range of 0.0, 1.0], the dissimilarity of two alerts was represented by using a dissimilarity matrix; the more excellent clustering centers were chosen by the genetic algorithm, and the similar alerts would be clustered according to the dissimilarity matrix. Hierarchical aggregation method was adopted for every kind of alerts to aggregate according to the results of clustering. The experimental results show that the repeat alerts can be decreased effectively by this method. |
| |
| Keywords: | alert aggregation dissimilarity matrix genetic clustering algorithm |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
