Journal of Guangdong University of Technology ›› 2005, Vol. 22 ›› Issue (3): 48-52.

• Comprehensive Research •

Application of the Data Mining Technique RIPPER in Anomaly Intrusion Detection

  

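  1. Faculty of Computer, Guangdong University of Technology, Guangzhou, Guangdong 510090
  • Publication date: 2005-07-02 Release date: 2005-07-02
  • Funding:

    Guangdong Provincial Natural Science Foundation Team Project (20003051); Guangdong Provincial Natural Science Foundation Project (041074117)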

The Application of Data Mining Technology in Anomaly Detection

  1. (Faculty of Computer, Guangdong University of Technology, Guangzhou 510090, China)
  • Online: 2005-07-02 Published: 2005-07-02

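Abstract: This paper introduces the classification of intrusion detection techniques and the application of data mining techniques in intrusion detection, and describes the design and implementation of an anomaly intrusion detection system built on the data mining algorithm RIPPER.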

Keywords: network security; system call; data mining; RIPPER; intrusion detection;

Abstract: This paper introduces the categories of intrusion detection and the application of data mining technology in anomaly detection. It also describes the design and implementation of an anomaly IDS based on the data mining algorithm RIPPER.

Key words: network security; system call; data mining; RIPPER; intrusion detection;
