| 入侵检测中频繁模式的有效挖掘算法 |
| |
| 引用本文: | 杨华兵,叶新郢,张宁蓉.入侵检测中频繁模式的有效挖掘算法[J].指挥控制与仿真,2005,27(1):78-81. |
| |
| 作者姓名: | 杨华兵 叶新郢 张宁蓉 |
| |
| 作者单位: | 解放军理工大学,江苏,南京,210007;武汉理工大学,湖北,武汉,430063 |
| |
| 摘 要: | 在基于数据挖掘的入侵检测系统中,为了在海量审计记录中有效地提取出相关规则,需要通过利用与入侵检测相关的特定领域知识。首先对关联规则挖掘问题中的相关概念给出几个规范化定义,介绍了基本的关联规则和情节规则挖掘算法,然后结合审计记录的特点,考虑其轴属性和参照属性以及规则兴趣度,对基本挖掘算法中的候选项目集产生函数进行了改进。分析结果表明,利用规则兴趣度能够大大减小候选项目集的大小,有效提高频繁模式挖掘算法的效率。
|
| 关 键 词: | 数据挖掘 入侵检测 频繁模式 关联规则 情节规则 |
| 文章编号: | 1672-7908(2005)01-0078-04 |
| 修稿时间: | 2004年5月24日 |
An Efficient Mining Algorithm for Frequent Pattern in Intrusion Detection |
| |
| YANG Hua-bing,YE Xin-ying,ZHANG Ning-rong.An Efficient Mining Algorithm for Frequent Pattern in Intrusion Detection[J].Command Control & Simulation,2005,27(1):78-81. |
| |
| Authors: | YANG Hua-bing YE Xin-ying ZHANG Ning-rong |
| |
| Institution: | YANG Hua-bing1,YE Xin-ying2,ZHANG Ning-rong1 |
| |
| Abstract: | In data mining-based intrusion detection system, we should make use of particular domain knowledge in relation to intrusion detection in order to efficiently extract relative rules from large amounts of audit records. This paper first gives some standard definitions of the notions correlative to association rules, and introduces the basic association rule algorithm and episode rule algorithm, then improves the method of generating candidate itemset in basic algorithm through considering the characteristic of audit records, axis attributes and reference attributes. The result indicates that we can remarkably decrease the candidate items and improve the efficiency of mining frequent pattern when using the interest measure. |
| |
| Keywords: | data mining intrusion detection frequent pattern association rule episode rule |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《指挥控制与仿真》浏览原始摘要信息 |
| 点击此处可从《指挥控制与仿真》下载免费的PDF全文 |
