Abstract
To address the poor detection efficiency and high false detection rate of existing network intrusion detection systems, a system suited to large-scale data detection is designed based on an optimized IF algorithm. The system uses the Monte Carlo criterion to deeply optimize the IF algorithm and sets a minimum convergence value to improve the accuracy of data segmentation. The hardware part of the system includes a data acquisition module, a decoding and preprocessing module, a detection engine module, a log alarm module, a rule base, and so on. When handling massive data samples, the system shows a clearer advantage over traditional solutions: its detection rate approaches the theoretical value of 95.98%, and its detection time is also better than that of traditional systems.
Author
吴元君
WU Yuanjun (Yungui Information College, Anhui Finance and Trade Vocational College, Hefei, Anhui 230601, China)
Source
《盐城工学院学报(自然科学版)》
CAS
2020, Issue 4, pp. 24-29 (6 pages)
Journal of Yancheng Institute of Technology: Natural Science Edition
Funding
2017 Provincial Quality Engineering Key Teaching Research Project for Institutions of Higher Education (2017jyxm0804).
Keywords
optimized IF algorithm
intrusion detection
system design
rule base