模糊关联规则挖掘算法及其在异常检测中的应用

基金项目: 国家公安部科研基金资助项目(200342-823-01)

详细信息

Algorithm of Mining Fuzzy Associate Rules in Anomaly Detection

¹ School of Electronic and Information Engineering, Wuhan University, 129 Luoyu Road, Wuhan 430079, China;² Department of Computer & Information Engineering, Wuhan Industry Institute, Special 1 Zhonghuan Western Road, Evergreen Garden, Wuhan 430023, China

摘要: 阐述了在入侵检测中应用模糊关联规则挖掘的方法,提出了对传统Apriori算法的改进。最后以网络流量分析为例,详细描述了在入侵检测中运用模糊关联规则挖掘的步骤,并以规则集相似度建立对入侵的响应机制。
- 异常检测 /
- 数据挖掘 /
- 模糊关联规则
Abstract: An algorithm of mining fuzzy association rules is presented on the basis of improving the classic association rules mining algorithm-Apriori to solve the problem "sharp boundary". In the algorithm, each quantitative attribute is replaced by a fuzzy set and divided into several attributes, which are calculated as separate attributes of database in mining fuzzy associate rules. The process of applying the approach in anomaly detection is discussed in detail. Using experiments on network traffic analysis, the feasibility of applying the mining fuzzy associate rules in intrusion detection is validated.
- anomaly detection /
- data mining /
- fuzzy associate rules