Attribute Reduction for Effective Intrusion Detection


Abstract

Computer intrusion detection is to do with identifying computer activities that may compromise the integrity, confidentiality or the availability of an IT system. Anomaly Intrusion Detection Systems (IDSs) aim at distinguishing an abnormal activity from an ordinary one. However, even in a moderate site, computer activity very quickly yields gigabytes of information, overwhelming current IDSs. To make anomaly intrusion detection feasible, this paper advocates the use of Rough Sets prior to the intrusion detector, in order to filter out redundant, spurious information. Using rough sets, we have been able to successfully identify pieces of information that succinctly characterise computer activity without missing chief details. The results are very promising since we were able to reduce the number of attributes by a factor of 3, resulting in a 66% data reduction. We have tested our approach using BSM log files borrowed from the DARPA repository.
