[1] ZHOU Li, WANG Xiao-ling. Improved Algorithm for Association Rules Mining Based on Network Audit Record[J]. Computer Technology and Development, 2011,(06):150-153.

Improved Algorithm for Association Rules Mining Based on Network Audit Record

Computer Technology and Development [ISSN:1006-6977/CN:61-1281/TN]

Volume:
Issue:
2011, No. 06
Pages:
150-153
Column:
Security and Protection
Publication date:
1900-01-01

Article Info

Title:
Improved Algorithm for Association Rules Mining Based on Network Audit Record
Article ID:
1673-629X(2011)06-0150-04
Author(s):
ZHOU Li (周丽), WANG Xiao-ling (王小玲)
College of Information Science and Engineering, Central South University
Keywords:
audit record; intrusion detection; association rules; maximal frequent itemsets
Classification number:
TP309
Document code:
A
Abstract:
Because of the real-time requirements of network intrusion detection systems, applying traditional association rule mining algorithms directly to an intrusion detection system often yields running efficiency that does not meet practical needs. Considering that network audit records are updated in real time, an improved association rule mining algorithm, FIDF, based on a depth-first spanning tree is proposed. It changes the order in which candidate itemsets are generated so that maximal frequent itemsets are found first. The algorithm scans the database only once, and when the transaction database and the support threshold change, the database does not need to be rescanned. This improves the efficiency of association rule mining on audit record data and ensures the real-time performance and accuracy of the intrusion detection system.


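Memo:
Supported by the National Natural Science Foundation of China (60773013). ZHOU Li (born 1987), female, from Nanyang, Henan, master's student; research interests: data mining and network intrusion detection technology. WANG Xiao-ling, professor; research interests: network databases and data mining.
Last Update: 1900-01-01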