Conditional mutual information based network intrusion classification method of double-layer semi-idleness Bayesian

A technology of conditional mutual information and Bayesian classifiers, which is applied in data exchange networks, electrical components, digital transmission systems, etc., can solve problems that do not take into account the different independent relations of event attributes of different categories, high time complexity, and inability to Apply real-time intrusion detection system and other issues to achieve the effect of improving intrusion detection performance, reducing false alarms, and improving classification accuracy performance

Inactive Publication Date: 2008-03-05
NANJING UNIV
View PDF0 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, these classifiers cannot be applied to intrusion detection systems with high real-time requirements and the pursuit of prediction accuracy, either be

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Conditional mutual information based network intrusion classification method of double-layer semi-idleness Bayesian
  • Conditional mutual information based network intrusion classification method of double-layer semi-idleness Bayesian
  • Conditional mutual information based network intrusion classification method of double-layer semi-idleness Bayesian

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0063] The present invention will be described in detail below in conjunction with the accompanying drawings.

[0064] As shown in Figure 1, the intrusion detection system obtains network message data through the network session event collection device, and performs preprocessing such as message data formatting and feature extraction, and then performs intrusion identification. The results of intrusion identification can continue to carry out alarm correlation, intrusion Tracking and other follow-up processing.

[0065] Intrusion identification is the core step of the network intrusion detection system, and the idea of ​​the present invention is to improve the performance of the entire network intrusion detection system by improving the classification accuracy of the classifier in the intrusion identification. The flow chart of the intrusion identification process, that is, the network intrusion classification method based on the conditional mutual information-based double-lay...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The method includes steps: (1) training phase: (a) collecting known determined whether dialog events are intruded, and extracting features as training set; (b) pretreating the training set; (c) obtaining trained bilaminar half lazy Bayes classifier based on conditional mutual information; (d) ending; (2) classifying phase: (e) pretreating dialog events to be tested; (f) using classifier obtained from step (1)-(c) to classify pretreated dialog events; (g) returning back classified result; (h) ending. Keeping low time complexity in application phase, the invention raises performance of classified precision so as to raise intrusion detection performance of intrusion detection system.

Description

technical field [0001] The invention relates to a network intrusion detection method, in particular to a network intrusion classification method based on a Bayesian classifier. Background technique [0002] In the environment of rapid development of network technology and increasingly prominent network security issues, traditional host-based or network-based intrusion detection systems have been difficult to meet the detection tasks of more and more complex network attacks. Introducing technologies such as machine learning and data mining into intrusion detection systems has become one of the main directions of intrusion detection system research. For example: intrusion detection technology based on Bayesian classification method, intrusion detection technology based on neural network and intrusion detection technology based on association rule mining, etc. [0003] Naive Bayesian classifier has been widely used in the field of intrusion detection because of its simplicity ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26H04L12/24H04L29/06
Inventor 王崇骏孙江文吴骏陈世福
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap