构建入侵事件序列模式的挖掘方法, 并对其进行隐私保护, 对算法进行优化, 减少运行周期;采用MSAP方法思路, 通过数据预先处理、生成全局攻击序列、构建候选模式数据库、取得最大攻击行为集和最大攻击序列, 并加载隐私保护;通过实验证明QSPM算法和PQSPM算法相比原有算法无论从运行周期还是高效性都有明显优势;表明QSPM和PQSPM算法在入侵事件序列模式挖掘方面具有更好的性能。
The mining method of the sequential patterns for invasion events is constructed and loaded with the privacy preservation.Algorithm is optimizedand its operating cycle is shorten.All the above is obtained by adopting the MSAP algorithm, data pre-processing, generating the global sequence of attacking, constructing the database of candidate pattern, obtaining the maximum set of the attacks and the maximum sequence of attacks, and loading privacy preservation.Experimental results show that the QSPM algorithm and the PQSPM algorithm have obvious advantages over the original algorithm in the aspects of operating cycle and efficiency and the two algorithms have better performance in mining of the sequential patterns for invasion events.
[1]R.Agrawal, and R.Srikant.Mining sequential patterns[C].Proceedings of the Eleventh International Conference on Data Engineering, 1995:3-14.
[2]董晓梅, 于戈, 孙晶茹, 等.基于频繁模式挖掘的报警关联与分析算法[J].电子学报, 2005, 33(8):1356-1359.
[3]Wang M F, Wu Y C, Tsai, M F, et al.Sequential pattern discovery for intrusion detection system[J].International Symposium on Communications and Information Technologies, 2010:470-474.
[4]陈秀真, 郑庆华, 管晓宏, 等.网络化系统安全态势评估的研究[J].西安交通大学学报, 2004, 38(4):404-408.
[5]Liu J, Pan Y, Wang K, et al.Mining frequent item sets by opportunistic projection [C].Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, 2002:229-234.
[6]Sweeney L, Anonymity K.A model for protecting privacy [J].International Journal on Uncertainty Fuzziness and Knowledge based Systems, 2002, 10(5):557-570.
[7]Stein R.Personally controlled online health data-the next big thing in medical care[J].New England Journal of Medicine, 2008, 358(16): 1653-1656.
[8]李之堂, 王莉, 李东.一种新的在线攻击意图识别方法研究[J].小型微型计算机系统, 2008, 29(7):1347-1352.
