Abstract
The basic concepts of intrusion detection systems are discussed. Combining anomaly detection with misuse detection, a network intrusion detection system model based on data mining is proposed. The basic idea of the system model is introduced: preprocessed network data packets are sent to the data mining process control module, which produces rules that accurately describe intrusion behavior and normal system behavior patterns, and an accurate and adaptive detection model is then generated automatically.
Source
Science Technology and Engineering (《科学技术与工程》)
2007, Issue 19, pp. 5170-5172, 5176 (4 pages)
Keywords
network security
intrusion detection
data mining