导　　师： 曾传璜

学科专业： H1203

授予学位： 硕士

作　　者： ;

机构地区： 江西理工大学

摘　　要： 随着计算机网络技术的飞速发展,网络攻击越来越普遍,也难以防范。同时越来越多的政府、商业、金融等机构和部门将自己的数据库连接到Internet上,网络数据库受到的攻击越来越多,造成的损害越来越大,数据库安全问题逐渐成为计算机网络安全问题的焦点,迫切需要研究针对数据库的入侵检测技术来提高安全性。因此,研究如何快速准确地检测出网络中数据库入侵事件的发生,就显得尤为重要和迫切。<br>　　数据挖掘是计算机和数理统计相结合的一个新兴的研究领域。将数据挖掘技术应用于入侵检测系统,能很好的解决海量数据处理的问题,并能挖掘出未知的攻击特征,这对入侵检测系统发现未知类型的攻击有很大的帮助。由于数据挖掘往往涉及到数据仓库或大型数据库中的海量数据,所以效率问题就显得尤为重要。算法效率的高低将直接影响到入侵检测系统的效果。<br>　　本文针对基于数据挖掘的入侵检测技术展开研究。主要对数据挖掘关联规则的Apriori算法进行了重点分析和研究,从提高检测算法效率出发,对传统Apriori算法提出了改进,改进后的算法提高了算法效率。并将SQL语言的集合操作技术引入到改进的Apriori算法中,使其更适用于数据库入侵检测系统,并设计出一个基于数据挖掘技术的自适应的数据库入侵检测系统模型。系统的数据源来自于事件探查器,结合误用检测和异常检测的特点,先进行误用检测,再进行异常检测,降低数据库入侵检测系统的漏检率和误报率;根据用户历史行为模式和当前行为模式的相似度比较来检测用户当前行为模式的异常。根据检测结果,不断更新规则库,提高系统的自适应性。 With the rapid development of network technology, network attacks have become more popular it will be difficult to prevent. At the same time, a growing number of governments, business and financial sector institutions and their own databases on the Internet to connect to the network database by the increasing number of attacks, the damage caused by the growing database security issues emerging as computer network security The crux of the matter is an urgent need for research database intrusion detection technology to improve security.So we need to study intrusion detection technology on databases to intensify the security. Data mining is a computer and mathematical statistics, combining the disciplines of a new research field. Data mining technology will be used in intrusion detection systems, to a very good solution to the problem of mass data-processing and mining of unknown characteristics of the attack, which is found in intrusion detection system known types of attacks are a great help. As a result of data mining often involves large-scale data warehouse or database of mass data, so efficiency is particularly important. The efficiency of the algorithm will have a direct impact on the level of intrusion detection system. This paper aimed at based on data mining for intrusion detection technology research. The main data mining of association rules Apriori algorithm focus on the analysis and research, improve the efficiency of detection algorithm based on the traditional Apriori algorithm proposed improvements, improved algorithms to improve the efficiency of the algorithm. SQL language and a collection of the introduction of technology to improve the operation of the Apriori algorithm, to make it more applicable to the database intrusion detection system and a design based on data mining technology of adaptive database intrusion detection system model.System data source from the Profiler, combined with the misuse detection and anomaly detection features first misuse detection, further anomaly detec

关 键 词： 入侵检测系统 数据库安全 数据挖掘 算法

领　　域： [自动化与计算机技术] [自动化与计算机技术] [自动化与计算机技术] [自动化与计算机技术]