Use data mining methods to analyze the audit data and provide anomaly detection based on the generated normal patterns, this method can improve the performance of intrusion detection system.
利用数据挖掘技术对审计数据加以分析,总结出一些正常模式,用来进行异常检测,将有助于提高入侵检测系统的检测准确性和完备性。
Finally, our system is analyzed and evaluated in a "SYN flood" environment, and a method of applying clustering to anomaly detection is added to improve its performance.
最后,本文对系统模型应用于网络拒绝服务攻击环境的实例进行了分析,并提出了一种应用聚类分析对系统的改进方法。
应用推荐