| 基于聚类算法与序列异常技术的入侵检测新方法 |
| |
| 引用本文: | 刘绍海,刘青昆,安娜,顾跃举. 基于聚类算法与序列异常技术的入侵检测新方法[J]. 计算机安全, 2008, 0(8) |
| |
| 作者姓名: | 刘绍海 刘青昆 安娜 顾跃举 |
| |
| 作者单位: | 辽宁师范大学计算机与信息技术学院,辽宁大连,116029;武警沈阳指挥学院教研部,辽宁,沈阳,110113;辽宁师范大学计算机与信息技术学院,辽宁大连,116029;武警辽宁总队,辽宁,沈阳,110033 |
| |
| 基金项目: | 辽宁省博士科研项目,辽宁省大连市青年科技基金,辽宁省教育厅资助项目 |
| |
| 摘 要: | 入侵检测系统是当前网络与信息安全防护体系的重要组成部分,该文通过对数据挖掘技术在入侵检测系统中的应用进行归纳,提出了一种基于聚类与序列异常技术相结合的入侵检测算法。首先对入侵检测所用到的数据流进行标准化预处理;其次对初始化后的数据用改进的K-means算法进行聚类;最后应用序列异常技术对聚类结果的每个簇进行标记。研究表明,这种将聚类与序列异常技术相结合的算法可以有效地提高系统性能和检测的准确率。
|
| 关 键 词: | 入侵检测 K-means算法 序列异常技术 |
A new method for Intrusion Detection based on clustering and sequential exception technique |
| |
| LIU Shao-hai,LIU Qing-kun,AN Na,GU Yue-ju. A new method for Intrusion Detection based on clustering and sequential exception technique[J]. Network & Computer Security, 2008, 0(8) |
| |
| Authors: | LIU Shao-hai LIU Qing-kun AN Na GU Yue-ju |
| |
| Abstract: | Intrusion Detection is a important compositive segment in network and information security recovery system today.This paper presents a new intrusion detection method which takes the advantages of clustering and sequential exception technique by the application of the data-mining technology in Intrusion Detection System. First the standardization pretreatment of the data flow should be used in Intrusion Detection.Secondly, the initialized data used the improved K-means clustering algorithm.At last, the application of sequential exception technique can mark every cluster which is the result of clustering.The research shows that the new method for Intrusion Detection which based on the combination of the clustering and sequential exception technique can effectively improve system performance and enhance the accuracy of detection. |
| |
| Keywords: | Intrusion Detection K-means clustering algorithm sequential exception technique |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
