基于审计日志的关联规则挖掘  被引量:5

Mining Association Rules Based on Audit Log

在线阅读下载全文

作  者:王京 谭玉波[1,2] 邢晓萧 WANG Jing;TAN Yu-bo;XING Xiao-xiao(School of Information Science and Engineering, Henan University of Technology, Zhengzhou 450001, China;Information Management Center of Henan University of Technology, Zhengzhou 450001, China)

机构地区:[1]河南工业大学信息科学与工程学院,郑州450001 [2]河南工业大学信息化管理中心,郑州450001

出  处:《科学技术与工程》2022年第19期8397-8405,共9页Science Technology and Engineering

基  金:河南省科技厅项目(152102210268);河南省教育厅项目(18B520013);河南工业大学项目(26400243)。

摘  要:为解决审计日志信息利用不充分的问题,通过改进FP-Growth方法研究了审计日志关联规则,提出了基于相互关联规则的KAFP-Growth算法。将现有的审计日志与先进的数据挖掘分析技术结合,在详细研究Apriori算法、PCY算法和FP-Growth算法后,引入了重要属性的概念,对审计日志中的重要属性进行约束,减小了频繁项集,提高了计算性能。实验结果验证KAFP-Growth算法有效提高了审计日志的关联分析效率。相较于FP-Growth算法,在最小支持度相同的情况下,改进算法运行时间速度缩短了49.3%,随着数据集规模的增大,改进算法运行时间可缩短60%以上。In order to solve the problem of insufficient audit log utilization,the association rules of audit logs are studied by improving the FP-Growth method,a related rule-based KAFP-Growth algorithm was proposed.Data mining technology is the discovery of potential relationships between transactions in many transactions,based on theoretical categories and practical methods in many areas.Combining existing audit logs with advanced data mining analysis techniques,after the PCY,Apriori,and FP-Growth algorithms were used to investigate,the concept of key attributes was introduced to limit the audit logs,the time complexity of the algorithm was reduced,and the calculation performance was improved.The experimental results show that the KAFP-Growth algorithm effectively improves the correlation analysis efficiency of audit logs.It is the conclusion that compared with the FP-Growth algorithm when the minimum support is the same,the running time is increased by 49.3%.As the size of the data set increases,the running time of the improved algorithm can be increased by more than 60%.

关 键 词:审计日志 数据挖掘 关联规则 KAFP-Growth算法 

分 类 号:TP391[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象