Research on Intrusion Detection Technology Based on Data Mining
Published: 2018-08-21 14:03
[Abstract]: Network information technology is developing rapidly and is profoundly changing the way people live. At the same time, network information security has gradually become one of the core issues affecting people's lives. Intrusion detection is an important and widely used method of protecting network information security; its main characteristic is that it protects the network system actively. As the second line of defense for network information security, intrusion detection supplements and extends traditional defensive technologies such as firewalls and information encryption, and combines with them to form a complete information security defense system.

Data mining is a widely used data analysis and processing technology. It can analyze and mine large volumes of data quickly and effectively to find useful and needed knowledge. For an intrusion detection system, discovering information related to intrusion behavior in large amounts of network system data is the key to detection. Applying data mining to intrusion detection makes effective use of its strength in handling big data and uncovers the essential characteristics of intrusion behavior from the data, which effectively improves intrusion detection performance.

This thesis studies the application of three commonly used data mining techniques (clustering, classification and feature extraction) to intrusion detection, in order to improve the detection performance of intrusion detection systems. First, it considers traditional partition-based clustering algorithms in intrusion detection. To solve the problem that their detection results depend on the initial cluster centers and the chosen number of clusters, the affinity propagation clustering algorithm, which determines the cluster centers and their number automatically, is adopted and combined with anomaly detection to build an intrusion detection system. Next, the application of classification algorithms to intrusion detection is studied. To address the problem that the traditional KNN classification algorithm cannot obtain the optimal classification surface, an improved KNN classification detection algorithm is proposed that introduces the concept of the local hyperplane: building on traditional KNN, a test sample is classified according to its distance to the local hyperplane of each class's training samples. Finally, the data preprocessing module of intrusion detection is studied. To address the problem that the raw data in intrusion detection contains a large amount of redundant feature information, a linear discriminant analysis method is established on the basis of the HKNN classification algorithm to extract features from the raw data, which effectively reduces the data dimensionality and the computational resources consumed by the intrusion detection system.

Finally, simulation experiments on the KDD CUP99 data set verify the feasibility and effectiveness of the above methods.
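The local-hyperplane classification rule described in the abstract, as an added sketch that is not the thesis's own code: each class is represented by the affine hull of its K nearest training samples, and the test sample goes to the class whose hull is closest. The two-feature data, the labels, K=2 and all function names are constructed assumptions.

```python
import math

# Constructed 2-D feature vectors (e.g. two scaled connection features); not KDD CUP99 data.
TRAIN = {
    "normal": [(0.0, 0.0), (4.0, 0.0), (8.0, 0.0)],   # sparse samples along one direction
    "attack": [(2.0, 1.5), (2.2, 1.6), (1.8, 1.7)],   # tight cluster
}
X = (2.0, 0.5)  # constructed test sample lying between two sparse "normal" samples

def _sub(a, b):
    return [p - q for p, q in zip(a, b)]

def _dot(a, b):
    return sum(p * q for p, q in zip(a, b))

def _nearest(x, points, k):
    return sorted(points, key=lambda p: _dot(_sub(x, p), _sub(x, p)))[:k]

def hyperplane_distance(x, neighbours):
    """Distance from x to the affine hull (local hyperplane) of the neighbours."""
    centroid = [sum(col) / len(neighbours) for col in zip(*neighbours)]
    basis = []
    for p in neighbours:                      # Gram-Schmidt over neighbour offsets
        v = _sub(p, centroid)
        for b in basis:
            v = _sub(v, [_dot(v, b) * t for t in b])
        norm = math.sqrt(_dot(v, v))
        if norm > 1e-9:                       # drop linearly dependent directions
            basis.append([t / norm for t in v])
    r = _sub(x, centroid)
    for b in basis:                           # strip the in-plane component of x
        r = _sub(r, [_dot(r, b) * t for t in b])
    return math.sqrt(_dot(r, r))

def hknn_predict(x, train, k=2):
    """Assign x to the class whose local hyperplane is closest."""
    dist = {c: hyperplane_distance(x, _nearest(x, pts, k)) for c, pts in train.items()}
    return min(dist, key=dist.get), dist

def knn_predict(x, train, k=3):
    """Plain majority-vote KNN over all classes, for comparison."""
    pool = sorted((_dot(_sub(x, p), _sub(x, p)), c) for c, pts in train.items() for p in pts)
    votes = [c for _, c in pool[:k]]
    return max(set(votes), key=votes.count)
```

On this constructed sample the two rules disagree: majority-vote KNN follows the dense cluster, while the hyperplane rule treats the gap between two sparse samples of a class as covered by the line through them.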
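[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08; TP311.13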
Article ID: 2195967
Article link: https://www.wllwen.com/guanlilunwen/ydhl/2195967.html