Abstract:
Defending against distributed denial of service (DDoS) attacks is one of the most difficult security problems on the Internet. A novel intrusion detection system based on data mining is presented to detect DDoS attacks in real time. The k-means clustering algorithm is combined with the Apriori association algorithm to group the quantitative attributes in network traffic, and traffic patterns are extracted from network data to generate detection models. Experimental results show that DDoS attacks can be detected efficiently.
Key words:
distributed denial of service (DDoS) attacks,
intrusion detection system,
data mining,
cluster algorithm,
association algorithm
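Abstract (translated from the Chinese): Defending against distributed denial of service (DDoS) attacks is one of the hardest problems in network security today. To address it, this paper designs an intrusion detection system based on data mining techniques. It uses the k-means clustering method combined with Apriori association rules, which handles the classification of numeric attributes well, and extracts traffic features from the data to generate detection models. Experiments show that the system can detect DDoS attacks effectively.
Key words (translated from the Chinese):
distributed denial of service attacks,
intrusion detection system,
data mining,
clustering algorithm,
association rules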
YANG Chang-chun; NI Tong-guang; XUE Heng-xin. DDoS Intrusion Detection System Based on Data Mining[J]. Computer Engineering, 2007, 33(23): 167-169.