An Adaptive Intrusion Detection System Based on Data Mining and CIDF

Source: Computer Engineering and Applications
The traditional approach, in which security experts construct intrusion detection rules by hand, increasingly shows its limitations of heavy workload and slow response now that new attacks appear frequently. To overcome these limitations, this paper proposes an adaptive intrusion detection system framework. The system is built on the Common Intrusion Detection Framework (CIDF). When a new attack appears, it applies data mining to large volumes of data to derive an intrusion model, which the system then automatically converts into detection rules, so that the rule base is updated automatically. In addition, given appropriate authorization, other intrusion detection systems can request that this system distribute intrusion models to them so that they are updated promptly.