Because dangerous regions are hard to identify in high-traffic network environments, an alert-analysis scheme is proposed that mines frequent closed sequences from alert information. Frequent closed itemsets are far fewer than frequent itemsets, yet all frequent itemsets can be derived from them. Performing association analysis on the frequent closed itemsets of alert messages correlates large numbers of alerts with one another, effectively reduces the number of alerts, and improves the efficiency of danger-pattern intrusion detection and response systems.
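The closed-itemset property the abstract relies on, as an added example that is not code from the paper: it uses brute-force enumeration rather than the paper's mining algorithm (which this page does not describe) and treats each time window as an unordered set of alerts. The alert names, windows and threshold are constructed for illustration.

```python
from itertools import combinations

# Constructed sample: each set holds the alert signatures seen in one time window.
WINDOWS = [
    {"PORT_SCAN", "SSH_BRUTE", "ROOT_LOGIN"},
    {"PORT_SCAN", "SSH_BRUTE", "ROOT_LOGIN"},
    {"PORT_SCAN", "SSH_BRUTE"},
    {"PORT_SCAN", "SSH_BRUTE", "ROOT_LOGIN", "DNS_TUNNEL"},
    {"DNS_TUNNEL"},
    {"PORT_SCAN", "SSH_BRUTE"},
]
MIN_SUPPORT = 2  # assumed threshold: an itemset must occur in at least 2 windows


def frequent_itemsets(windows, min_support):
    """Return {itemset: support} for every itemset in >= min_support windows."""
    items = sorted(set().union(*windows))
    result = {}
    for size in range(1, len(items) + 1):
        found = False
        for combo in combinations(items, size):
            candidate = frozenset(combo)
            support = sum(1 for w in windows if candidate <= w)
            if support >= min_support:
                result[candidate] = support
                found = True
        if not found:
            break  # Apriori property: no larger itemset can be frequent
    return result


def closed_itemsets(frequent):
    """Keep only itemsets that have no proper superset with the same support."""
    return {s: n for s, n in frequent.items()
            if not any(s < t and n == m for t, m in frequent.items())}


def support_from_closed(itemset, closed):
    """Recover a frequent itemset's support: the largest support among its
    closed supersets (0 means the itemset is not frequent)."""
    return max((n for c, n in closed.items() if itemset <= c), default=0)


if __name__ == "__main__":
    freq = frequent_itemsets(WINDOWS, MIN_SUPPORT)
    closed = closed_itemsets(freq)
    print(f"{len(freq)} frequent itemsets reduce to {len(closed)} closed itemsets")
    for s, n in sorted(closed.items(), key=lambda kv: -kv[1]):
        print(n, sorted(s))
```

Each closed itemset is one correlated alert group an analyst reviews in place of its individual member alerts.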