Abstract
Snort is a simple and effective rule-based open-source intrusion detection system, but it has some limitations. This paper proposes a data-mining-based enhanced model for Snort that applies various data mining techniques to address some of these limitations. A case-based reasoning (CBR) application instance was built, and it verifies the accuracy and flexibility of the model well. Because the model is adaptive, it also offers strong scalability and interactivity.
Source
Journal of Nanjing University of Posts and Telecommunications (Natural Science Edition)
2004, Issue 4, pp. 1-5 (5 pages)
Funding
Supported by the Natural Science Research Special Fund of the Jiangsu Provincial Department of Education (02SJD520002)