| 基于Web挖掘的Web服务器入侵检测研究 |
| |
| 引用本文: | 皮国强,刘韬.基于Web挖掘的Web服务器入侵检测研究[J].计算机时代,2012(4):41-42. |
| |
| 作者姓名: | 皮国强 刘韬 |
| |
| 作者单位: | 遵义医学院网络技术中心,贵州遵义,563003 |
| |
| 基金项目: | 遵义医学院科研项目(F-478) |
| |
| 摘 要: | 针对传统的防火墙技术和网络检测技术不再能准确、及时地发现对服务器的攻击行为提出了基于Web数据挖掘技术的一种服务器入侵检测方法:首先由目前已经掌握的对服务器攻击行为特征作为样本点,采用k-均值聚类分析算法进行无监督学习,生成K个聚类的特征攻击库;其次采用邻近分类算法,根据计算访问样本点与特征攻击库中心的距离对样本点进行归并;最后对特征攻击库中心点进行重新调整,确保对新的样本点行为分析更加准确。
|
| 关 键 词: | Web挖掘 样本点 k-均值聚类算法 邻近分类算法 欧氏距离 |
Server intrusion detect based on Web mining study |
| |
| Pi Guoqiang
,
Liu Tao.Server intrusion detect based on Web mining study[J].Computer Era,2012(4):41-42. |
| |
| Authors: | Pi Guoqiang Liu Tao |
| |
| Affiliation: | (Computer Network Technology Center of Zunyi Medical College, Zunyi, Guizhou 563003, China) |
| |
| Abstract: | Web server is a main physical carrier for information releasing, whose safety is one of hot topics now. With the rapid development of Intemet and an exponential growth of information, attacks on the server are more and more frequent, diverse, and covert. The traditional firewall technology and network detection can no longer accurately and timely detect attacks. Web data mining is better to identify the attacks. It first regards the past attacks as sample points, and uses k-means clustering algorithm for unsupervised learning to generate K clusters of characteristics. Then it calculates the distance from a sample point to the characteristic attack center points of the sample library by the neighbor classification algorithm, and merge into the nearest library. Finally it re-adjusts the center of the feature library to ensure that the analysis of the new behavior of sample point is more accurate. |
| |
| Keywords: | Web mining sample point K-means clustering algorithm neighbor classification algorithm Euclidean distance |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
