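Research on the Application of Data Mining in Intrusion Detection Systems
Published: 2018-01-25 02:44
Keywords: intrusion detection; data mining; association rules; genetic algorithm. Source: Central South University, 2005 master's thesis. Document type: degree thesis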
[Abstract]: Network security is a highly complex problem that touches many aspects of network engineering, such as network technology, network protocols, the construction of intrusion detection systems, and encryption algorithms. This thesis studies intrusion detection technology based on data mining. Chapter 1 briefly reviews the development of network security technology, discusses the state of research on intrusion detection and its related algorithms, and introduces the chapter layout and research approach of the thesis. Chapter 2 covers the basic concepts and detection modes of intrusion detection and the general intrusion detection model, and describes the shortcomings of existing intrusion detection systems. Chapter 3 discusses a number of data mining methods, focusing on association rule analysis and genetic algorithm analysis, to lay the groundwork for the further study and application of these two algorithms later in the thesis. Chapter 4, building on an analysis of the structure and functions of a data-mining-based intrusion detection system, identifies two key problems to be solved: false positives and false negatives (missed detections), and detection speed. Based on an analysis of the Apriori algorithm, it proposes improvements to Apriori. It then discusses the weighted association rule algorithm and its concrete implementation in intrusion detection. After discussing the application of genetic algorithms to intrusion detection systems, the thesis proposes a composite intrusion detection model based on association rules and genetic algorithms, along with its implementation; this is one of the thesis's innovations. Chapter 5 addresses some current problems in data-mining-based intrusion detection by proposing a hierarchical data mining intrusion detection model and its implementation. This method performs data mining in levels, divides the rule base into two categories, and adjusts them dynamically through a rule manager. Experiments show that the method can effectively improve the efficiency of intrusion detection. Chapter 6 describes how to build a campus network security architecture, focusing on how to set up a free intrusion detection system over the network. Finally, the thesis analyzes the development direction of data-mining-based intrusion detection technology.
[Degree-granting institution]: Central South University
[Degree level]: Master's
[Year degree granted]: 2005
[Classification number]: TP393.08
Article ID: 1461768
Article link: http://www.sikaile.net/kejilunwen/ruanjiangongchenglunwen/1461768.html