Snort alert data aggregation method based on corner mark random read

Main authors: KONG KAICHUAN, GONG YUMING, HE QIAN, WANG YONG, ZHOU LISHENG, TAO XIAOLING
Format: Patent
Language: chi; eng
Description
Summary: The invention provides a Snort alert data aggregation method based on corner mark random read. The method comprises the steps of S1, collecting original Snort alert data; S2, standardizing the original Snort alert data to obtain standardized Snort alert data; S3, preprocessing the original Snort alert data; S4, carrying out random scattered arrangement on the standardized Snort alert data of the S2 in a random corner mark generation mode; S5, calculating similarity of each attribute of the scattered standardized Snort alert data; S6, calculating global similarity among the scattered Snort alert data and calculating a weight value of each attribute in each piece of Snort alert data; and S7, calculating the global similarity of each piece of Snort alert data according to the similarity of each attribute obtained in the S5 and the weight value of each attribute obtained in the S6, and recording an aggregation result. According to the method, through adoption of a corner mark random read algorithm, the alert data