摘要： 在现有基于已知特征项特征提取算法的基础上，提出一种基于已知特征项和环境相关量的特征提取算法。该算法通过已知特征项搜索频繁项集，提高了特征提取速度。环境相关量的引入使提取的特征能更准确地描述入侵行为。实验结果表明，该算法在提取同类入侵行为的特征时，比Signature Apriori算法更快更准确。

关键词: 特征提取, 环境相关量, ROC曲线

Abstract: According to the existing signature extraction algorithm which considers the known character, this paper proposes a signature extraction algorithm based on known characteristic and environment dependent variable. This algorithm can improve the extracting speed by using the known character while searching the frequent items. The environment independent variable makes the signature more accurate. The experimental results show that this algorithm can extract the signature more quickly and more accurately than the Signature Apriori algorithm.

Key words: signature extraction, environment dependent variable, ROC curve

中图分类号: 

• TP301