摘要
入侵检测是一种重要的网络安全技术 .现有的无监督方法虽然能在未经标记的数据上找出异常 ,但时间复杂度相对较高 ,不适用于入侵检测中大规模的数据集 .针对这一问题 ,提出了一种新的发现异常的无监督方法 ,通过使用聚类和K 近邻距离和技术 ,克服了原有方法的缺点 ,具有较低的时间复杂度和较高的入侵检测效率 .
Existing Unsupervised approaches can find anomalies on unlabeled data, but most of them have very large time complexity. So they are difficult to be applied to large datasets typically available in intrusion detection. An unsupervised approach was proposed to find anomalies. The method was characterized by lower time complexity and higher detection rate by means of clustering and the k nearest neighbors techniques.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2004年第7期21-23,共3页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
国家自然科学基金资助项目 (6 0 2 730 75 )
关键词
入侵检测
无监督方法
聚类
K-近邻
intrusion detection
unsupervised approaches
clustering
k nearest neighbors
