Computer Engineering and Applications ›› 2009, Vol. 45 ›› Issue (14): 81-83. DOI: 10.3778/j.issn.1002-8331.2009.14.024

• Network, Communication, and Security •

Intrusion detection method based on clustering and protocol analysis

MO Le-qun¹, GUO Geng-qi¹, YAO Guo-xiang²

  1. Department of Computer Science, Guangdong Communication Polytechnic, Guangzhou 510650, China
  2. College of Information Science, Jinan University, Guangzhou 510632, China
  • Received: 2008-04-01  Revised: 2008-06-23  Online: 2009-05-11  Published: 2009-05-11
  • Contact: MO Le-qun


Abstract: Because the network protocols carried in data packets are highly regular, a new intrusion detection method is proposed to improve detection efficiency: protocol analysis is combined with the clustering data mining method. On the one hand, this removes illegal data efficiently and reduces the size of the data set to be clustered; on the other hand, it makes the data set satisfy the assumptions of the clustering data mining technique, which makes detection more efficient.

Key words: intrusion detection, data mining, clustering, protocol analysis

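Abstract (translated from the Chinese): Based on the different detection characteristics of protocol analysis and clustering data mining in intrusion detection, a new intrusion detection method is proposed that integrates protocol analysis into clustering data mining. Data cleaning and protocol analysis not only effectively reduce the amount of data to be clustered and detect intrusions quickly, but also make the mined data better satisfy the preconditions of clustering data mining, improving the efficiency of clustering-based detection.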
