Data mining based intrusion detection system with self-learning and classified early warning functions

An intrusion detection system and data mining technology, applied in the field of information security, can solve problems such as poor self-adaptability and failure to detect unknown attacks and known attacks, and achieves the effect of improving monitoring efficiency.

Inactive Publication Date: 2015-07-29
UNIV OF SCI & TECH BEIJING

AI Technical Summary

Problems solved by technology

With the continuous improvement of network throughput and transmission speed, its processing performance and detection efficiency are greatly challenged;
[0005] 2) The detection ability is limited by the number and accuracy of the rules in the rule base: only known attacks in the rule base can be detected, while unknown attacks and variants of known attacks cannot, so the adaptive ability is poor.


Examples


Embodiment Construction

[0034] Figure 1 and Figure 2 are the structural diagram and the working flow chart of the intrusion detection system of the present invention, respectively.

[0035] The technical solution of the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0036] First, the cluster analysis module uses an improved K-means algorithm to perform cluster analysis on the training data. This method presets a cluster radius R and selects the first data packet as the center of the first cluster. When the next data packet arrives, the similarity between the data packet and every cluster center is calculated. If the similarity is less than or equal to R, the packet is assigned to the corresponding cluster and the cluster center is recalculated as the average of its members. If the similarity is greater than R, the data packet becomes a new cluster center. In the process of cluster analysis, each time a new cluster is cr...
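The single-pass, radius-bounded clustering described in [0036], as an added example that is not code from the patent. It assumes each packet is already a numeric feature vector, treats the text's "similarity" as Euclidean distance, and assigns a packet that is within R of several centers to the nearest one; the function name and the sample data are constructed for illustration.

```python
import math

def radius_cluster(packets, radius):
    """Single-pass clustering with a preset radius R, following [0036].

    Assumptions (not from the patent text): packets are numeric feature
    vectors, "similarity" is Euclidean distance, and a packet within R
    of several centers joins the nearest one.
    """
    centers, counts, labels = [], [], []
    for vec in packets:
        # Distance from this packet to every existing cluster center.
        dists = [math.dist(vec, c) for c in centers]
        best = min(range(len(dists)), key=dists.__getitem__, default=None)
        if best is not None and dists[best] <= radius:
            # Within R: join the cluster and recompute its center as the
            # running mean of all members seen so far.
            counts[best] += 1
            n = counts[best]
            centers[best] = [c + (x - c) / n for c, x in zip(centers[best], vec)]
            labels.append(best)
        else:
            # First packet, or farther than R from every center:
            # the packet becomes the center of a new cluster.
            centers.append(list(vec))
            counts.append(1)
            labels.append(len(centers) - 1)
    return centers, counts, labels

# Constructed sample: (packet length / 1500, connections per second / 100).
SAMPLE = [
    (0.04, 0.02), (0.05, 0.03), (0.06, 0.02),   # small packets, low rate
    (0.95, 0.05), (0.97, 0.04),                 # large packets, low rate
    (0.05, 0.90),                               # small packets, very high rate
    (0.05, 0.025),
]

if __name__ == "__main__":
    centers, counts, labels = radius_cluster(SAMPLE, radius=0.2)
    for i, (c, n) in enumerate(zip(centers, counts)):
        print(f"cluster {i}: size={n} center=({c[0]:.3f}, {c[1]:.3f})")
    print("labels:", labels)
```

Because the pass is order-dependent and R fixes the granularity, the number of clusters is an output of the data rather than a preset k, which is the practical difference from standard K-means.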


Abstract

The invention provides a data mining based intrusion detection system with self-learning and classified early warning functions. The system comprises a clustering analysis module, an anomaly detection engine, a rule base, a correlation analysis module, a rule generalization module, a rule management module, a log record and a classified early warning module. The data mining based intrusion detection system has the advantages that a data mining technique is applied to intrusion detection, and existing data mining algorithms and network attack characteristics are utilized fully, so that self-learning and classified early warning of the intrusion detection system are realized, detection accuracy and efficiency are improved effectively and substantial economic value and use value are achieved.

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a data mining-based self-learning hierarchical early warning intrusion detection system.

Background technique

[0002] The rapid development of information technology and the rapid popularization of the Internet have changed people's work, study and lifestyle. Computer networks have become an important guarantee for the development of an information society and are becoming more and more important in human society. However, due to its openness, interconnection, sharing and other characteristics, the risk of intrusion attacks is becoming more and more serious. In recent years, individual users and enterprises are faced with increasingly complex and proliferating security issues and threats, especially mixed threats such as viruses, worms, Trojan horses, and spam, which have caused significant losses to personal and enterprise information and networks. Whether it ca...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06, G06F17/30, H04L12/26
Inventor: 郁志超, 马忠贵, 王彩云, 马闪闪
Owner: UNIV OF SCI & TECH BEIJING