Attack detection system based on decision-making tree

An attack detection and decision tree technology, which is applied in transmission systems, digital transmission systems, special data processing applications, etc., can solve the problems of insufficient attack type detection capabilities and high false alarm rates, and achieve easy understanding, high classification accuracy, and model high efficiency effect

Inactive Publication Date: 2013-05-15
WUXI NANLIGONG TECH DEV
View PDF0 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The purpose of the present invention is to propose a decision tree-based attack detection system for the problems of insufficient attack type detection capability and high false alarm rate existing in the existing network attack detection module

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack detection system based on decision-making tree
  • Attack detection system based on decision-making tree

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0021] like figure 1 shown. An attack detection system based on a decision tree, which includes a detection data collector (used to collect network, local, etc. input data), a detection mining processor (used to extract attack data) and a classifier (decision tree) The detection data collector is used as the detection signal input end of the attack detection system to collect the data to be detected, the output end of the detection data collector is connected to the signal input end of the detection mining processor, and the detection data collection device The signal output terminal is connected to the signal input terminal of the classifier, and the signal output terminal of the classifier is used as the output of the attack detection system based on the decision tree to display the detection status.

[0022] The classifier of the present invention ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

An attack detection system based on a decision-making tree comprises a detection data acquisition unit, a detection excavation processor and a classifier, namely, a decision-making tree. The detection data acquisition unit serves as a detection signal inputting end of the attack detection system to acquire to-be-detected data. An output end of the detection data acquisition unit is connected with a signal input end of the detection excavation processor. A signal output end of the detection excavation processor is connected with a signal input of the classifier. A signal output end of the classifier is used for outputting of the attack detection system based on the decision-making tree to display a detection state. According to the system, an association rule method is adopted to establish a normal behavior rule set for detecting abnormal attack; further classification forecasting is performed by the decision-making tree so that false alarm rate is reduced; and according to attack detects based on the decision-making tree, the false alarm rate of an ad hoc network is reduced and capacity of detecting a new intrusion behavior of the system is improved.

Description

technical field [0001] The invention relates to a mobile Ad Hoc network attack detection technology, in particular to an attack detection module with high reliability, specifically an attack detection module based on a decision tree. [0002] Background technique [0003] At present, with the continuous development of network technology and the diversification of intrusion technologies, especially the mobile Ad Hoc network features high activity, rapid structural changes, and structural diversification, the traditional attack detection technology can no longer meet the needs of the system. [0004] Mobile Ad Hoc network attack detection technology is still immature. So far, there is still a lack of a comprehensive and guiding theoretical framework, and a lot of work still needs to be done. Most of the current mobile Ad Hoc network attack detection modules are facing serious problems of insufficient detection capability and high false alarm rate for new attack types. [00...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L12/26G06F17/30
Inventor 李千目戚湧茅海雁张泓
Owner WUXI NANLIGONG TECH DEV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap