Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Invasion detection method and device

An intrusion detection and data point technology, applied in the field of information security, can solve problems such as high computational overhead and affect clustering results, achieve good clustering effect, reduce computational overhead, and enhance ease of use and practicability.

Active Publication Date: 2015-04-15
南方电网互联网服务有限公司
View PDF2 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, an embodiment of the present invention provides an intrusion detection method and device to solve the problems in the prior art that the calculation overhead is large and the setting of the initial value affects the clustering result

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Invasion detection method and device
  • Invasion detection method and device
  • Invasion detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0033] figure 1 The implementation flow of the intrusion detection method provided by Embodiment 1 of the present invention is shown, and the process of the method is described in detail as follows:

[0034] In step S101, the original data set is preprocessed, and the original data set includes a plurality of data points.

[0035] In the embodiment of the present invention, the original data set contains multiple data records (such as heterogeneous data records), and each data record may contain continuous data points and / or non-numeric data points, which need to be separately Perform data normalization processing, specifically:

[0036] For continuous data points in the original data set, map its data value from [min, max] to an interval whose range is smaller than the preset value (such as [0, 1] interval);

[0037] For the non-numerical data in the original data set, after discretization, it is encoded and mapped into a numerical value, or directly compared in the distanc...

Embodiment 2

[0064] figure 2 The composition structure of the intrusion detection device provided by the second embodiment of the present invention is shown, and for the convenience of description, only the parts related to the embodiment of the present invention are shown.

[0065] The intrusion detection device can be a software unit, a hardware unit, or a combination of software and hardware running in each terminal device (such as a mobile phone, a tablet computer, etc.), or it can be integrated into the terminal device as an independent pendant or run on the In the application system of the terminal device.

[0066] The intrusion detection device includes:

[0067] The preprocessing unit 21 is used to preprocess the original data set, the original data set includes a plurality of data records, and each data record includes continuous data points and / or non-numeric data points;

[0068] A distance measurement unit 22, configured to perform distance measurement on each data point in ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention is applicable to the field of an information safety, and provides an invasion detection method and an invasion detection device. The method comprises the steps of preprocessing primary data sets; carrying out distance measurement on the preprocessed data; obtaining the number of clusters based on a preset algorithm and the distance measurement; calculating the density indexes of preprocessed data points based on the distance measurement; calculating the distance indexes of the data points based on the distance measurement and density indexes; calculating the product of the density indexes and the distance indexes of the data points and sorting; selecting the former k data points as the center points of all clusters; distributing the rest of data points to the clusters which are closest to the data points and have the density indexes higher than the center points; sorting the clusters distributed according to the number of the data points, and judging the cluster with most data points in the cluster to be a normal cluster, and judging the rest of clusters to be abnormal clusters. According to the invasion detection method provided by the invention, the problems that the operation cost is high and the clustering result is affected by the setting of an initial value in the prior art can be solved effectively.

Description

technical field [0001] The invention belongs to the technical field of information security, and in particular relates to an intrusion detection method and device. Background technique [0002] The existing clustering algorithms applied to intrusion detection can be roughly divided into two types: one is based on partition, and the other is based on density. [0003] Partition-based clustering algorithms, such as K-means, because the number K of clusters and the initial cluster center point are artificially selected in advance, once the selection is not good, effective clustering results may not be obtained; secondly, partition-based Clustering algorithms cannot handle non-spherical clusters, clusters of different sizes and different densities. [0004] Density-based clustering algorithms, such as the classic DBSCAN (Density-Based Spatial Clustering of Applications with Noise), for intrusion data with high dimensions and a large amount of data, the computational overhead wi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/55G06F17/30
CPCG06F21/55G06F18/21355
Inventor 张爽张涌宁立
Owner 南方电网互联网服务有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products