%0 Journal Article
%T An improved model of Snort system based on data mining<br>基于数据挖掘的Snort系统改进模型
%A ZHANG Ya-ling
%A KANG Li-jin School of Computer Science
%A Engineering
%A Xi''an University of Technology
%A Xi''an Shaanxi
%A China
%A <br>张亚玲
%A 康立锦
%J 计算机应用
%D 2009
%I 
%X An improved model of the Snort network intrusion detection system based on the theory of data mining was proposed, regarding the problem that Snort is powerless to new types of intrusion. In the new model, normal behavior patterns mining module, anomaly detection engine module and new rules generating module were added to the Snort system. By these improvements the system has double capacity of learning rules from new intrusions and learning normal behavior patterns from normal data. The test result shows that new types of intrusion can be detected effectively, the false negative of Snort can be reduced, and the detection efficiency of the system has been enhanced.
%K intrusion detection
%K Snort
%K data mining
%K rule learning<br>入侵检测
%K Snort系统
%K 数据挖掘
%K 规则学习
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=831E194C147C78FAAFCC50BC7ADD1732&aid=A324A8A268806044820781D3B5026090&yid=DE12191FBD62783C&vid=771469D9D58C34FF&iid=0B39A22176CE99FB&sid=0493D643315CD829&eid=34D9E20AD82A0D72&journal_id=1001-9081&journal_name=计算机应用&referenced_num=1&reference_num=7