Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network intrusion detection method based on association rule classification

A network intrusion detection and rule technology, applied in electrical components, transmission systems, etc., can solve the problems of high false alarm rate, lack of adaptability, inability to detect and respond to intrusions, etc., to improve timeliness and accuracy, and improve overall detection. Excellent effect

Active Publication Date: 2016-02-03
TIANJIN UNIVERSITY OF TECHNOLOGY
View PDF4 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Applying data mining technology to network intrusion detection has become a research hotspot. There have been many research results in this area at home and abroad, but there are still some shortcomings and difficulties as follows: most data mining intrusion detection systems focus on anomaly detection or error detection. However, anomaly detection has a high rate of false alarms, and misuse detection has a high rate of false negatives; at present, most systems are quasi-real-time systems that cannot detect and respond to intrusions in a timely manner; in the face of different network environments , and constantly changing intrusion types, the current network intrusion detection system lacks adaptability

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network intrusion detection method based on association rule classification
  • Network intrusion detection method based on association rule classification
  • Network intrusion detection method based on association rule classification

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] Combine below Attached picture The specific embodiment of the present invention will be described in further detail.

[0042] Applying the association rule algorithm to intrusion detection is mainly a data-centric point of view, and the collection and processing of network connection data is not within the scope of the present invention. In the present invention, the international standard network connection data set 10% KDDCup99 is taken as an example, and the intrusion network connection is classified based on the idea of ​​data mining.

[0043] figure 1 A method of network intrusion detection based on association rule classification is described in detail. Method provided by the invention comprises the following steps:

[0044] The first step is to preprocess the international standard data set 10% KDDCup99, and divide the preprocessed data set into two parts: training set and test set.

[0045] Step 1.1, add position parameters for each column of data. Beca...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a network intrusion detection method based on association rule classification. The network intrusion detection method comprises the steps of pre-processing network data, extracting an association rule, classifying network connection data and displaying a classification result. According to the invention, on the basis of an improved Apriori algorithm (Apriori-index), a KDDCup99 network connection data set, namely an international standard data set, is taken for example; firstly, the association rule is extracted from network connection data selected from the KDDCup99 network connection data set; then, test network connection data is classified according to the association rule; therefore, whether current network connection is attack connection or not can be judged; the specific attack type of the current network connection can also be judged; and related statistical data is displayed. The Apriori-index algorithm is more suitable for the KDDCup99 data set; the association rule extraction speed and the network connection classification speed are greatly increased; the accuracy of a detection result is also improved; and the disadvantages of slow classification speed and high false alarm rate in the traditional intrusion detection system are improved to a certain degree.

Description

technical field [0001] The method relates to the field of network intrusion detection systems, in particular to a network intrusion detection method based on association rule classification. Background technique [0002] Intrusion detection collects and analyzes network behavior, security logs, audit data, other information available on the network, and information on several key points in the computer system to check whether there are signs of violations of security policies and attacks in the network or system. It plays a very important role in the security of the network system and is an important supplement to the firewall. Intrusion detection can complete the protection of the network system without affecting the performance indicators of the network system. [0003] Applying data mining technology to network intrusion detection has become a research hotspot. There have been many research results in this area at home and abroad, but there are still some shortcomings and...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 王劲松莫敬涛黄玮杨传印
Owner TIANJIN UNIVERSITY OF TECHNOLOGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com