| Building Real-Time Network Intrusion Detection System Based on Parallel Time-Series Mining Techniques |
| |
| 作者姓名: | 李庆华 |
| |
| 作者单位: | SchoolofComputerScienceandTechnology,HuazhongUniversityofScienceandTechnology,Wuhan430074,China//NationalHighPerformanceComputingCenter(WuHan),Wuhan430074,China |
| |
| 基金项目: | TheNationalNaturalScienceFoundationofChina(No.60273075). |
| |
| 摘 要: | A new real-time model based on parallel time-series mining is proposed to improve the accuracy and efficiency of the network intrusion detection systems. In this model, multidimensional dataset is constructed to describe network events, and sliding window updating algorithm is used to maintain network stream. Moreover, parallel frequent patterns and frequent episodes mining algorithms are applied to implement parallel time-series mining engineer which can intelligently generate rules to distinguish intrusions from normal activities. Analysis and study on the basis of DAWNING 3000 indicate that this parallel time-series mining-based model provides a more accurate and efficient way to building real-time NIDS.
|
| 关 键 词: | 侵入窃密检测 时间序列 滑动时窗 并行算法 网络安全 |
Building Real-Time Network Intrusion Detection System Based on Parallel Time-Series Mining Techniques |
| |
| Zhao Feng,Li Qinghua.Building Real-Time Network Intrusion Detection System Based on Parallel Time-Series Mining Techniques[J].Journal of Southwest Jiaotong University,2005,13(1):11-17. |
| |
| Authors: | Zhao Feng Li Qinghua |
| |
| Institution: | School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China;National High Performance Computing Center(WuHan), Wuhan 430074, China |
| |
| Abstract: | A new real-time model based on parallel time-series mining is proposed to improve the accuracy and efficiency of the network intrusion detection systems. In this model, multidimensional dataset is constructed to describe network events, and sliding window updating algorithm is used to maintain network stream. Moreover, parallel frequent patterns and frequent episodes mining algorithms are applied to implement parallel time-series mining engineer which can intelligently generate rules to distinguish intrusions from normal activities. Analysis and study on the basis of DAWNING 3000 indicate that this parallel time-series mining-based model provides a more accurate and efficient way to building real-time NIDS. |
| |
| Keywords: | Intrusion detection Time-series mining Sliding window Parallel algorithm |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
