| FART在非监督式网络异常检测中的应用 |
| |
| 引用本文: | 高翔,于枫,王敏.FART在非监督式网络异常检测中的应用[J].计算机工程与应用,2006,42(27):144-146. |
| |
| 作者姓名: | 高翔 于枫 王敏 |
| |
| 作者单位: | 1. 西北工业大学计算机学院,西安,710072
2. 空军工程大学信息对抗系,西安,710068 |
| |
| 基金项目: | 国家自然科学基金;陕西省自然科学基金 |
| |
| 摘 要: | 目前的入侵检测系统主要采用的是基于特征的误用方法。另外,近几年出现的基于数据挖掘技术的入侵检测方法则需要依靠带标识的训练数据来保证检测效果,然而在现实环境中,训练数据往往是难以获得的。与之相比,非监督式的异常检测系统则具有独特的优势,它无需大量的带标识的、用于标明各种攻击的训练数据,而只需要寻找和定义正常的分类,因此,它具有在不具备任何先验知识的情况下发现新型攻击的能力。文章提出了一种采用模糊自适应谐振网(fuzzyART)发现网络入侵的新方法,并在最后采用KDDCUP99的测试数据集对该方法进行了评估,证实了该方法在网络异常检测中的有效性。
|
| 关 键 词: | 入侵检测 网络安全 模糊逻辑 异常检测 |
| 文章编号: | 1002-8331-(2006)27-0144-03 |
| 收稿时间: | 2006-07-01 |
| 修稿时间: | 2006-07-01 |
Applying Fuzzy ART to Network Unsupervised Anomaly Detection |
| |
| GAO Xiang,YU feng,WANG Min.Applying Fuzzy ART to Network Unsupervised Anomaly Detection[J].Computer Engineering and Applications,2006,42(27):144-146. |
| |
| Authors: | GAO Xiang YU feng WANG Min |
| |
| Abstract: | Most current intrusion detection systems employ signature-based methods or data mining-based methods which rely on labeled training data,however,in practice,thls training data is typically expensive to produce.In contrast, unsupervised anomaly detection has great utility within the context of network intrusion detection system.Such a system can work without the need for massive sets of pre-labeled training data and has the added versatility of being free of the overspeciallzation that comes with systems tailored for specific sets of attacks.Thus,with a system that seeks only to define and categorize normalcy,there is the potential to detect new types of network attacks without any prior knowledge of their existence.This paper discusses the creation of such a system that uses Fuzzy ART to detect anomalies in network connectlons.We evaluate our method by performing experiments over network records from the KDD CUP99 data set. |
| |
| Keywords: | intrusion detection network security fuzzy logic anomaly detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
