Network intrusion classification method based on Bayes of total indirected graph

A Bayesian classifier and network intrusion technology, which is applied in data exchange networks, special data processing applications, instruments, etc., can solve problems such as inability to apply real-time, failure to consider attribute independence, relationship dependency, and high event complexity , to achieve the effect of improving intrusion detection performance, simple calculation, and reducing false alarm rate

Inactive Publication Date: 2009-03-25
NANJING UNIV
View PDF0 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, these classifiers cannot be applied to high real-time requirements and the pursuit of prediction accuracy due to the high complexity of events, or because they do not take into account the attribute independence relationship of different class label events and the dependency relationship between different attributes. intrusion detection system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network intrusion classification method based on Bayes of total indirected graph
  • Network intrusion classification method based on Bayes of total indirected graph
  • Network intrusion classification method based on Bayes of total indirected graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0045] Such as figure 1 As shown, the intrusion detection system obtains network message data through the network session event collection device, and performs preprocessing such as message data formatting and feature extraction, and then performs intrusion identification. deal with.

[0046] Intrusion identification is the core step of the network intrusion detection system, and the idea of ​​the present invention is to improve the performance of the entire network intrusion detection system by improving the classification accuracy of the classifier in the intrusion identification. The intrusion recognition process is the flow chart of the Bayesian network intrusion classification method based on the completely undirected graph of the present invention. figure 2 shown.

[0047] Step 0 is the initial state of the network intrusion classification method of the present invention;

[0048] In the training phase (steps 1-3), step 1 collects historical session events known to b...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a complete undirected graph-based Bayes network intrusion classification method, which comprises the following steps: (1) training phase: (a) collecting sessions with known invasion results and performing feature extraction to obtain a training set; (b) pre-processing the training set; (c) training a complete undirected graph-based Bayes classifier; and terminating; and (2) classification phase: (a) pre-processing sessions to be detected; (b) classifying the processed sessions with the Bayes classifier obtained in (1) step (c); (c) returning classification results; and (d) terminating. On the premise of simple calculation, the complete undirected graph-based Bayes network intrusion classification method improves the precision of the classifier, especially for anomalous events of small sample targets, so as to improve the intrusion detection performance of an intrusion detection system.

Description

technical field [0001] The invention relates to a network intrusion detection method, in particular to a network intrusion classification method based on a Bayesian classifier. Background technique [0002] Intrusion detection technology is a new type of network security technology that has emerged in the past 20 years. As the second security gate behind the firewall, it can detect various forms of intrusion behavior and is an important part of the modern computer network security system. In the environment of rapid development of network technology and increasingly prominent network security issues, traditional host-based or network-based intrusion detection systems have been difficult to meet the detection tasks of more and more complex network attacks. Applying technologies such as machine learning and data mining to intrusion detection systems has become one of the main directions of intrusion detection system research. For example: Intrusion detection technology based ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26H04L29/06G06F17/30
Inventor 王崇骏焦从信赵志宏骆斌
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap