| 改进数据挖掘算法在入侵检测系统中的应用 |
| |
| 引用本文: | 赵艳君,魏明军.改进数据挖掘算法在入侵检测系统中的应用[J].计算机工程与应用,2013,49(18):69-72. |
| |
| 作者姓名: | 赵艳君 魏明军 |
| |
| 作者单位: | 1.河北联合大学 理学院,河北 唐山 063009
2.河北联合大学 信息学院,河北 唐山 063009 |
| |
| 摘 要: | 针对已有检测机制存在的对于未知攻击行为无能为力、漏报率较高、检测效率低以及缺少规则库自动扩充机制等问题,结合数据挖掘技术的相关知识,设计了基于数据挖掘的改进网络入侵检测系统模型。模型中选取聚类分析K-means算法和关联规则挖掘Apriori算法,并对其进行改进。用改进的K-means算法实现正常行为类及数据分离模块,用改进Apriori算法实现规则库的自动扩充功能,并通过实验验证了两个算法的功能。
|
| 关 键 词: | 数据挖掘 入侵检测 改进 K-means算法 Apriori算法 |
Application and realization of improved data mining algorithm in intrusion detection system |
| |
| ZHAO Yanjun,WEI Mingjun.Application and realization of improved data mining algorithm in intrusion detection system[J].Computer Engineering and Applications,2013,49(18):69-72. |
| |
| Authors: | ZHAO Yanjun WEI Mingjun |
| |
| Affiliation: | 1.College of Science, Hebei United University, Tangshan, Hebei 063009, China
2.College of Information Engineering, Hebei United University, Tangshan, Hebei 063009, China |
| |
| Abstract: | Aiming to the existing problem of the powerless, high false negative rate, low detection efficiency and the lack of the rule base automatic extension mechanism to unknown aggressive behavior for existing detection mechanisms, combining the relevant knowledge of data mining technology, this paper designs one improved network intrusion detection system model based on data mining, combining misuse detection and anomaly detection. The model selects the K-means algorithm in clustering analysis and the Apriori algorithm in association rule mining and improves it. It applies the improved K-means algorithm to achieving normal behavior classes and data separation module, then utilizes the improved Apriori algorithm to achieve automatic extension of the rule base. By the experiment it verifies the function of the two algorithms. |
| |
| Keywords: | data mining intrusion detection improved K-means algorithm Apriori algorithm |
|
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
|
