现代电子技术2018,Vol.41Issue(3):107-110,4.DOI:10.16652/j.issn.1004-373x.2018.03.025
分布式网络时序关联入侵攻击行为检测系统设计
Design of temporal sequence association rule based intrusion detection behavior detection system for distributed network
摘要
Abstract
The distributed network adopting the mesh topology structure has a large number of transmission links,which can improve the network stability and increase the risk of vicious intrusion attacks. In view of the long time consumption,low ac-curacy and high false alarm rate existing in the traditional network intrusion behavior detection system,the research on distributed network intrusion behavior detection system based on temporal sequence association rules is proposed. On the principle of temporal sequence association rules algorithm,the hardware component of the intrusion detection system was designed. The hardware of the system is composed of data acquisition module,rules analysis module,protocol decoding module,data preprocessing module and detection analysis module. According to the process of software algorithm of intrusion detection system,the intrusion data set is converted into a item-set matrix based on time sequence to solve the relevant frequent item sets and time sequence association rules,and realize the accurate detection of the distributed network intrusion. The experimental data shows that the intrusion de-tection system has strong system stability and high detection efficiency,and advantages in detection accuracy and false positive rate control.关键词
分布式网络/时序关联规则/协议/入侵行为/检测/系统设计Key words
distributed network/temporal sequence association rule/protocol/intrusion behavior/detection/system design分类
信息技术与安全科学引用本文复制引用
王秀英..分布式网络时序关联入侵攻击行为检测系统设计[J].现代电子技术,2018,41(3):107-110,4.基金项目
基于OO的分布式JSON数据管理系统的研究与实践(zdkt2016-004)项目资助Project Supported by Research and Practice of Distributed JOSN Data Management System Based on OO (zdkt2016-004) (zdkt2016-004)
