Home > Foreign-language conferences > International symposium on cyberspace safety and security > Online Mining of Attack Models in IDS Alerts from Network Backbone by a Two-Stage Clustering Method

Online Mining of Attack Models in IDS Alerts from Network Backbone by a Two-Stage Clustering Method


Abstract

Little work has been done on mining attack models online from IDS alerts on the network backbone. The contributions of this paper are three-fold. First, we put forward a software-pipeline framework for online attack model mining that is suited to alert-clustering mining methods. Second, we propose an online alert reduction method and improve the two-stage clustering method. Third, we propose an approach to adjust the parameters used in the framework on the fly. The experiment shows that the data feature is stable enough in sequence length to apply the parameter self-adjustment algorithm, and that parameter self-adjustment works well under the online mining framework. Online mining of attack models is efficient compared to the offline mining method, and the generated attack models have convincing logical relations.
