Algorithm of Intrusion Detection Based on Data Mining and Its Implementation

被引:0
作者
孙海彬
徐良贤
陈彦华
机构
[1] Department of Computer Science and Engineering
[2] Shanghai Jiaotong University
[3] Shanghai
[4] China Dr
[5] China
[6] Institute of Communication
[7] PLA Information & Engineering University
[8] Zhengzhou
[9] Henan
来源
Journal of DongHua University | 2004年 / 05期
关键词
Intrusion detection; data mining; association rules; FP-Tree;
D O I
10.19884/j.1672-5220.2004.05.021
中图分类号
TN911 [通信理论];
学科分类号
081002 ;
摘要
Intrusion detection is regarded as classification in data mining field. However instead of directly mining the classification rules, class association rules, which are then used to construct a classifier, are mined from audit logs. Some attributes in audit logs are important for detecting intrusion but their values are distributed skewedly. A relative support concept is proposed to deal with such situation. To mine class association rules effectively, an algorithms based on FP-tree is exploited. Experiment result proves that this method has better performance.
引用
收藏
页码:88 / 92
页数:5
相关论文
共 1 条
[1]  
Results of the DARPA 1998 Offline Intrusion Detection Evaluation .2 R. Lip Mann,R. K. Cunningham,D. J. Fried,K. R. Kendall,S. E. Webster,M. A. Zissman. Proc. RAID 1999 .
1