Abstract:

The mechanism for multi-dimensional cloud model is studied. The formal representation of a clouds model for transform action between qualitative and quantitative knowledge is presented. This kind of representation reflects fuzziness and randomness contained in linguistic concepts, and can interpret uncertain reasoning process rationally when several qualitative rules are activated simultaneously. Using the data sets of KDD99, the experiment result shows that this approach can detect unknown intrusions efficiently in the real network connections.

Key words: Intrusion detection, Clouds model, Qualitative reasoning

摘要：

通过研究多维云模型机理，给出了定性与定量之间转换的云模型的形式化表示，用来反映语言值中蕴涵的模糊性和随机性，解释了多条定性规则同时被激活的不确定推理过程。实验采用了KDD99的测试数据，结果表明，该方法能够比较有效地检测真实网络数据中的未知入侵行为。

关键词: 入侵检测, 云模型, 定性推理