Incremental intrusion detection method fusing rough set theory and DS evidence theory

A technology of evidence theory and intrusion detection, applied in electrical components, transmission systems, etc., to reduce the possibility of evidence conflict, overcome the high false alarm rate, and improve detection accuracy

Active Publication Date: 2016-06-15
CHONGQING UNIV OF POSTS & TELECOMM
View PDF3 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, the object of the present invention is to provide an incremental intrusion detection method that combines rough sets and DS evidence theory, which integrates misuse detection technology and anomaly detection technology, overcomes the defect of using a single technology, and improves Improve the detection accuracy and detection efficiency of the detection system; and realize the incremental learning function of the detection system, so that the misuse rule base and the normal behavior profile of the network can be improved and updated in real time with the dynamic changes of the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Incremental intrusion detection method fusing rough set theory and DS evidence theory
  • Incremental intrusion detection method fusing rough set theory and DS evidence theory
  • Incremental intrusion detection method fusing rough set theory and DS evidence theory

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings.

[0037] The incremental intrusion detection system proposed by the present invention is as follows: figure 1 As shown, it mainly includes three parts: misuse detection module, anomaly detection module, and incremental unit. Specifically, rough set theory is used to reduce the attributes and rules of the network attack data, build a misuse detection engine, and use the pattern matching method to judge whether the network is under attack according to the established decision rule base. For the attack types not included in the decision rule base, the anomaly detection engine based on the DS evidence theory is used for detection; the DS evidence theory fuses the attribute features after the rough set reduction, and according to the fused identification framework Θ{normal, Abnormal, uncertain} support to determine whether the network is under at...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an incremental intrusion detection method fusing a rough set theory and a DS evidence theory, and belongs to the network information security field. Aiming at the problems that a detection system cannot satisfy a high speed network real-time detection demand and the detection precision is not high, the method uses a rough set theory to pre-treat a network data stream so as to reduce redundant data, and improves the detection speed. A misuse rule set is extracted from a reduced data set, most attack types are identified through a pattern matching mode, and furthermore the misuse detection is realized. The method employs a misuse detection module, an abnormal detection module, and an incremental unit. The abnormal detection module is realized based on the DS evidence theory and used for detecting attack types not included in a misuse rule base. The incremental unit is used for improving the misuse rule base and updating a built network normal behavior profile in real time. The incremental intrusion detection method fusing the rough set theory and the DS evidence theory improves the detection efficiency and the detection precision of the detection system, and especially for newly arisen attack types.

Description

technical field [0001] The invention belongs to the technical field of computer network information security, and relates to an incremental intrusion detection method combining rough sets and DS evidence theory. Background technique [0002] With the rapid development of computer networks and the wide application of network technology in people's lives, people's daily life is increasingly inseparable from the network, so people pay more and more attention to network security. With the continuous development of hacking technology and the upgrading of various network viruses, only relying on firewalls, encryption and other technologies can no longer meet the needs of network security. Intrusion Detection System (Intrusion Detection System, 1DS), as the last line of defense to protect network security, has gradually attracted people's attention. The intrusion detection system collects the information of key nodes in the host and network, and judges whether the host or network ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1441
Inventor 屈洪春王帅唐晓铭王平
Owner CHONGQING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap