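Abstract
A method for building an intrusion detection system based on data mining techniques is proposed. The paper studies how to apply data mining to audit data in intrusion detection, extracting from system audit data the features and rules that describe normal and abnormal behavior in order to build attack detection models, and presents the complete set of steps.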
A new model is proposed for the intrusion detection system (IDS) based on the data mining technique. The method for mining the audited data in the IDS, as well as the method for extracting the features and rules describing the normal and abnormal behaviours, are studied and discussed. Thereby the intrusion detection models can be established. The whole set of steps is presented.
Source
《长春工业大学学报》
CAS
2003, Issue 4, pp. 26-28 (3 pages)
Journal of Changchun University of Technology
Funding
Supported by the Science Foundation of the Jilin Provincial Department of Science and Technology (grant no. 吉科合字第20000109号)
Keywords
intrusion detection
data mining
audit data
intrusion detection model
intrusion detection system