Data mining-based network intrusion detection method

Bibliographic Details
Main authors: LI YIZHUO, ZHAO XUEWEN, ZHANG FENGBIN, SU ZIHENG, CHEN RUI, FAN HAOYI, LIANG JIAN
Format: Patent
Language: chi ; eng
Description
Summary: The invention discloses a data mining-based network intrusion detection method, relating to a network intrusion detection method. The existing real-time intrusion detection method cannot detect network intrusion behaviors whose characteristics change in real time. The invention solves the above problem. According to the method, a known network intrusion type is first analyzed, a program activity cycle is extracted, a characteristic corresponding to the known network intrusion type is acquired and a network intrusion type model is trained; network intrusion is simulated, and a host of an ELK log analysis platform is deployed so as to monitor all log files; and finally, network intrusion is monitored in real time based on the network intrusion type model, and the ELK log analysis platform detects changed log files and abnormal data in the log files and updates major detected objects, so as to complete the network intrusion type model. The data mining-based network intrusion detection method is applicable to det