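3. Conclusion
Starting from the goal of building an adaptive intrusion detection algorithm, this paper draws on anomaly detection methods based on outlier mining and proposes an adaptive intrusion detection algorithm based on anomaly detection. It combines association analysis of outlier data with intrusion detection techniques, so that variants of known attacks and unknown attacks can be detected reasonably well. An adaptive algorithm based on outlier mining has considerable advantages in intrusion detection applications: it further frees people from the work and reduces manual intervention. The experimental results show that the adaptive intrusion detection algorithm based on anomaly detection can provide fairly accurate detection reports, and can therefore provide efficient and accurate intrusion detection services for information systems.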
(Editor in charge: adminadmin2008)