计算机工程与应用 ›› 2007, Vol. 43 ›› Issue (1): 135-135.

• 网络、通信与安全 • 上一篇    下一篇

一种基于模糊关联规则挖掘的攻击识别系统

朱可,胡克瑾   

  1. 同济大学经济与管理学院
  • 收稿日期:2006-05-29 修回日期:1900-01-01 出版日期:2007-01-01 发布日期:2007-01-01
  • 通讯作者: 朱可 zhuketj03

A System for Attack Recognition Based on Mining Fuzzy Association Rules

,   

  1. 同济大学经济与管理学院
  • Received:2006-05-29 Revised:1900-01-01 Online:2007-01-01 Published:2007-01-01

摘要: 降低攻击识别中的漏报率和误报率是现在一个急需解决的问题。本文分析了攻击识别的需求与模糊关联规则挖掘的有关概念,并且以此为基础构建了一个攻击识别系统。该系统不但能够很好地满足攻击识别的要求,而且还能同时对异常攻击和滥用攻击进行识别,并且在很大程度上降低了攻击识别中的漏报率和误报率,极大地增强了信息系统的生存力。

关键词: 攻击识别, 模糊关联规则, 模糊逻辑

Abstract: It is an imperative issue that reduces the false negative rate and false positive rate in attack recognition. This literature analyses the requirements for attack recognition and the relevant concepts about the mining of fuzzy association rules, and then sets up a system for attack recognition. This system not only satisfies the requirements for attack recognition perfectly, but also recognizes the anomaly-based attacks and the misuse-based attacks simultaneously. Furthermore, it reduces the false negative rate and false positive rate in attack recognition in some extents and greatly enhances the survivability of the information systems.

Key words: Attack Recognition, Fuzzy Association Rules, Fuzzy Logic