| 基于已知特征的入侵衍生特征挖掘算法 |
| |
| 引用本文: | 牛建强,陈昕. 基于已知特征的入侵衍生特征挖掘算法[J]. 计算机工程与应用, 2005, 41(20): 127-130,134 |
| |
| 作者姓名: | 牛建强 陈昕 |
| |
| 作者单位: | 河南科技大学电子信息工程学院,洛阳,471039;北京信息工程学院计算机信息系统系,北京,100101 |
| |
| 基金项目: | 北京优秀人才培养专项资助项目(编号:20042D0500701) |
| |
| 摘 要: | 入侵特征值识别和发现算法是误用入侵检测中的关键技术。入侵衍生特征挖掘提出一种特定的特征值挖掘算法,基于已经知道某种攻击的特征值,找出衍生于这种攻击的变种攻击程序的特征值,并在产生候选项集和数据扫描阶段进行了优化。实验中通过分组数据测试,与通用的SignatureApriori算法进行了对比。实验结果表明,入侵衍生特征挖掘算法在挖掘效率上优于SignatureApriori。
|
| 关 键 词: | 入侵检测 数据挖掘 Signature Apriori |
| 文章编号: | 1002-8331-(2005)20-0127-04 |
Derived Signature Mining Algorithm of Intrusion Based on Known Characteristic |
| |
| Niu Jianqiang,Chen Xin. Derived Signature Mining Algorithm of Intrusion Based on Known Characteristic[J]. Computer Engineering and Applications, 2005, 41(20): 127-130,134 |
| |
| Authors: | Niu Jianqiang Chen Xin |
| |
| Affiliation: | Niu Jianqiang1 Chen Xin2 1 |
| |
| Abstract: | The recognition and discovery algoritnms of intrusive signature are the core technologies of misuse intrusion detection.Derived signature mining algorithm provides a new kind of signature mining algorithm.Based on the known characteristic values of certain attacks,the algoritnm can compute and find out the new and mutational signature values from the attack and optimizes the procedure in what candidated itemsets is provided and database is scanned.In the experiment,tested data divided into different groups,which is used to compare the proposed algorithm with Signature Apriori algorithm,which is a general signature mining algorithm in intrusion dtection field.The results of concerned experiments indicates that the derived signature mining algorithm is superior to Signature Apriori algorithm in mining efficiency. |
| |
| Keywords: | Intrusion Detection Data Mining Signature Apriori |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
