Associating IDS Alerts by an Improved Apriori Algorithm

Cited by: 5
Authors
Wang Taihua [1]
Guo Fan [1]
Affiliation
[1] Jiangxi Normal Univ, Sch Comp & Informat Engn, Nanchang 330022, Jiangxi, Peoples R China
Source
2010 THIRD INTERNATIONAL SYMPOSIUM ON INTELLIGENT INFORMATION TECHNOLOGY AND SECURITY INFORMATICS (IITSI 2010) | 2010
Keywords
data mining; association rules; Apriori algorithm; itemsets
DOI
10.1109/IITSI.2010.47
Chinese Library Classification
TP [Automation Technology, Computer Technology]
Discipline classification code
0812
Abstract
Among the large number of association rule mining algorithms, the Apriori algorithm is the most classic one, but it has three deficiencies, namely: the need to scan the database many times, the generation of a large number of Candidate Anthology, and the iterative generation of frequent itemsets. The paper presents a method that solves the maximal frequent itemsets through one intersection operation. The degree of support is obtained from the number of intersections without having to scan the transaction database, and some of the properties are numbered to reduce memory space and make the candidate set list easy to search, thereby enhancing the efficiency of the algorithm. Finally, it can generate association rules for an Intrusion Detection System. Experimental results show that the optimized algorithm can effectively improve the efficiency of mining association rules.
Pages: 478-482
Number of pages: 5