Computer Engineering and Applications ›› 2008, Vol. 44 ›› Issue (14): 134-137.

• Network, Communication and Security •

Design and implementation of network intrusion detection system based on data mining

JIA Shi-guo, ZHANG Chang-cheng

  1. Huawen College, Jinan University, Guangzhou 510610, China
  • Received: 2007-12-04 Revised: 2008-03-06 Online: 2008-05-11 Published: 2008-05-11
  • Contact: JIA Shi-guo

Abstract: This paper designs a network intrusion detection system model based on data mining techniques. Building on the Snort intrusion detection system, the model uses data mining to add a clustering analysis module, an anomaly detection engine and a correlation analyzer. The system can not only detect new intrusion behaviors effectively but also increase detection speed. While meeting real-time requirements, it solves the problem that general network intrusion detection systems can do nothing about new intrusion behaviors.

Key words: intrusion detection, data mining, Snort