基于数据挖掘的入侵检测系统-软件工程专业论文.docxVIP

摘要摘 摘要 摘 要 本文主要研究了入侵检测系统(IDS)的系统模型与工作原理，在此基础上 分析现有IDS存在的不足之处，进而研究了数据挖掘技术在IDS中的应用。本 文主要研究工作如下。 首先，构建了基于数据挖掘的入侵检测系统优化模型AA DMIDS，该模型大 大提高了实时入侵检测能力。其次，对该模型中的数据挖掘算法进行了研究和改 进，在此基础上提出了入侵条件限制的关联分析、序列分析和数据分类等数据挖 掘算法，并通过实验证明该改进有利于IDS工作效率的提高。最后，设计开发 了基于数据挖掘的入侵检测系统软件——DM／IDS。研究的应用系统已经在国家 安全部、北京、上海等十多个省市得到广泛应用，取得良好的社会与经济效益。 本研究课题得到安全部专项研究项目(2001QBl074)的支持。本论文是该 研究项目的理论总结和提高，该项研究成果2002年获得国家安全部科技进步二 等奖。 关键字：入侵检测入侵检测模型数据挖掘自治代理系统协同 AbstractAbstract Abstract Abstract This paper mainly deals with the model and working principle of Intrusion Detection System(IDS)．On the basis of this，the limitations of IDS available are analyzed and the application of DM technology in IDS is also explored．The main study in this paper is as follows． Firstly,a new kind of optimized model called AA—DMIDS which improves the capacity of real-time intrusion detection is presented．Secondly,the algorithms for mining association rule，sequence rule and classification rule restricted by intrusion detection terms are proposed on the basis of the improvement of data mining in the model．It is proved by experiment that the improvement helps to enhance the efficiency of IDS．Finally,a data-miIling-based IDS software ～DM／IDS is designed and realized based on the study on the model and the algorithms above．This system has already been widely used by the Ministry of National Secufity and in over ten provinces and cities like Bering and Shanghai，and gains outstanding economic and social benefit． This research subject is supported by the Ministry of National Security．This paper is the summary and improvement of this research．The outcome of the project Was awarded the second prize for the promotion of science and technology by the Ministry ofNational Security i13 2002． Keywords：Intrusion Detection Intrusion Detection Model Data Mining Autonomous Agent System Collaboration 声 声 鹾 箭新性声龋 本人声明所呈焚的论文是我个人谯弹师的指导下进行的研究工作及jj旰取得的研 究蔽祭。尽蔑繇甄，豫了文字褥爨船戳檬注帮蒙漆中搿罗嗣嚣内容获癸，论文中蚕 包含疑他人已发表或撰写的研究成果；也不包含为获得西安电子科技大学或其他教 育机构的学位或证：侈雨霞瘸过的材瓣。与我一稀工作酶两意