Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
An intrusion detection and data point technology, applied in the field of information security, can solve problems such as high computational overhead and affect clustering results, achieve good clustering effect, reduce computational overhead, and enhance ease of use and practicability.
Active Publication Date: 2015-04-15
南方电网互联网服务有限公司
View PDF2 Cites 12 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
[0005] In view of this, an embodiment of the present invention provides an intrusion detection method and device to solve the pr
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Example Embodiment
[0032] Example one:
[0033] figure 1 The implementation process of the intrusion detection method provided in the first embodiment of the present invention is shown, and the process of the method is described in detail as follows:
[0034] In step S101, the original data set is preprocessed, and the original data set includes a plurality of data points.
[0035] In the embodiment of the present invention, the original data set includes multiple data records (for example, heterogeneous data records), and each data record may include continuous data points and / or non-numerical data points. Perform data standardization processing, specifically:
[0036] For continuous data points in the original data set, map their data values from [min, max] to an interval whose range is less than the preset value (for example, the interval [0, 1]);
[0037] After discretizing the non-numerical data in the original data set, it is mapped into a numerical value through coding, or directly compared in ...
Example Embodiment
[0063] Embodiment two:
[0064] figure 2 The composition structure of the intrusion detection apparatus provided in the second embodiment of the present invention is shown. For ease of description, only the parts related to the embodiment of the present invention are shown.
[0065] The intrusion detection device can be a software unit, a hardware unit, or a combination of software and hardware running in each terminal device (such as a mobile phone, a tablet computer, etc.), or it can be integrated into the terminal device as an independent pendant or run on In the application system of the terminal device.
[0066] The intrusion detection device includes:
[0067] The preprocessing unit 21 is configured to preprocess an original data set, the original data set includes a plurality of data records, and each data record includes continuous data points and / or non-numeric data points;
[0068] The distance measurement unit 22 is used to measure the distance of each data point in the p...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
PUM
Login to view more
Abstract
The invention is applicable to the field of an information safety, and provides an invasion detection method and an invasion detection device. The method comprises the steps of preprocessing primary data sets; carrying out distance measurement on the preprocessed data; obtaining the number of clusters based on a preset algorithm and the distance measurement; calculating the density indexes of preprocessed data points based on the distance measurement; calculating the distance indexes of the data points based on the distance measurement and density indexes; calculating the product of the density indexes and the distance indexes of the data points and sorting; selecting the former k data points as the center points of all clusters; distributing the rest of data points to the clusters which are closest to the data points and have the density indexes higher than the center points; sorting the clusters distributed according to the number of the data points, and judging the cluster with most data points in the cluster to be a normal cluster, and judging the rest of clusters to be abnormal clusters. According to the invasion detection method provided by the invention, the problems that the operation cost is high and the clustering result is affected by the setting of an initial value in the prior art can be solved effectively.
Description
technical field [0001] The invention belongs to the technical field of information security, and in particular relates to an intrusion detection method and device. Background technique [0002] The existing clustering algorithms applied to intrusion detection can be roughly divided into two types: one is based on partition, and the other is based on density. [0003] Partition-based clustering algorithms, such as K-means, because the number K of clusters and the initial cluster center point are artificially selected in advance, once the selection is not good, effective clustering results may not be obtained; secondly, partition-based Clustering algorithms cannot handle non-spherical clusters, clusters of different sizes and different densities. [0004] Density-based clustering algorithms, such as the classic DBSCAN (Density-Based Spatial Clustering of Applications with Noise), for intrusion data with high dimensions and a large amount of data, the computational overhead wi...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to view more 
Login to view more