检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]大连理工大学系统工程研究所,辽宁大连116023
出 处:《辽宁工程技术大学学报(自然科学版)》2009年第2期273-276,共4页Journal of Liaoning Technical University (Natural Science)
基 金:国家自然科学基金资助项目(70572099);辽宁省自然科学基金资助项目(1050349)
摘 要:为了提高入侵检测的准确度和速度,针对入侵规则属性相关性的特点,将属性与类间的互信息与属性间的互信息结合,提出了一种新的混合互信息的决策树分类算法。在对此算法进行了算法设计和分析的基础上,将由此算法构造的决策树分类方法对入侵规则进行组织,改变了传统的入侵规则逐条串行检测,以增加预处理时间为代价,提高了数据包的过滤速度和准确度。实验分析表明,应用该算法的入侵检测系统比使用传统方法具有更高的准确率和速度。Traditional intrusion detection systems(IDS) not only have high rate of false positive and false negative with the increasing complexity of intrusion, but also lack effectiveness for very large test data because of its simple structure. Therefore, based on relationship of the attributes of intrusion rules, this paper presents a new classification algorithm in order to improve speed and accuracy of intrusion detection, which selects a node's attribute with more information gain, but with less mutual information between the attributes of the node and that of all the upper nodes. This method avoids selecting the redundant attributes and achieves the reduction in entropy. After the algorithm is designed and analyzed, Apply it into the rules to form a decision tree, which changes the conventional way of searching the packet orderly, and improves the matching speed at the cost of preprocess time. The result of an experiment shows that the intrusion detection system using the proposed algorithm works more efficiency than using conventional method or ID3 decision tree.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222