Conference: Computer Applications in Industry and Engineering

Data Mining Strategies From Network Intrusion Detection As Applied To Identifying High-Risk Containers

Abstract

Due to the increased importance recently placed on national security and preventing terrorist attacks, we feel that developing a methodology for detecting high-risk containers at our ports is critical to maintaining a sense of security in the United States. Utilizing data mining principles which have been applied to the concept of Network Intrusion Detection, we have developed a proposed methodology for categorizing containers as they arrive at U.S. ports so as to identify containers which may pose a threat in time to search them and prevent them from entering the United States to be used for harm. We feel that network intrusion detection is a good basis for a methodology for preventing high-risk containers from entering the United States because of the similarities the two topics share. Network intrusion detection is the process of identifying connections to a network which are abnormal, which do not behave as a normal connection would. Similarly, detecting high-risk containers is the process of identifying containers which do not fit the standard profile. Maybe the containers are from an unknown shipper, maybe they were handled by an unknown warehouse or ship, and maybe they went through more than the average number of ports on their way to the country. Whatever the anomaly may be in a container, it is the key to identifying that container as a threat. Because anomaly detection is also the key to identifying network intrusions, we feel that the underlying principles utilized in network intrusion detection can be effectively applied to high-risk container detection. In this paper we discuss the similarities between the two application areas and propose a modular design for a system for detecting high-risk containers, which utilizes three approaches from the area of network intrusion detection.