
Network Intrusion Detection Based on Fuzzy Data Mining and Genetic Algorithms (cited by: 28)
Abstract: We have developed a prototype intelligent intrusion detection system in order to demonstrate the effectiveness of data mining techniques that utilize fuzzy logic and genetic algorithms. This system combines anomaly-based intrusion detection using fuzzy data mining techniques with misuse detection using traditional rule-based expert system techniques. The anomaly-based components are developed using fuzzy data mining techniques; they look for deviations from stored patterns of normal behavior. Genetic algorithms are used to tune the fuzzy membership functions and to select an appropriate set of features. The misuse detection components look for previously described patterns of behavior that are likely to indicate an intrusion. Both network traffic and system audit data are used as inputs for both components. The system architecture supports both anomaly detection and misuse detection, and is applicable to both individual workstations and complex networks.
Authors: 王晟, 赵壁芳
Affiliations: Wells Fargo Bank (富国银行); ASDI
Source: Computer Measurement & Control (《计算机测量与控制》), CSCD, PKU Core Journal, 2012, No. 3, pp. 660-663 (4 pages)
Keywords: intrusion detection system; anomaly detection; misuse detection; genetic algorithms

