Description: |
With the development of network technology and the popularity of network applications, the number and severity of attacks on network servers have increased significantly, and most of the attack alarm data produced is duplicate or invalid. Using the classic attribute-oriented induction (AOI) algorithm for conceptual clustering can greatly ease the workload of processing this data, but it does not seem to be very effective in actual work. This paper discusses in detail how to improve the algorithm. With the development of network technology, the number and severity of attacks on web services have increased significantly, so intrusion detection systems (IDS) have been applied in the field of network security. However, while an IDS protects the network, it also brings a new problem: it produces a large amount of alarm data, most of which is duplicate and invalid. Given the characteristics of this data, how to deal effectively with the large volume of alarm data produced by distributed IDS, and how to eliminate duplicate or invalid data, has become a practical problem that urgently needs to be solved. Although using the classic attribute-oriented induction (AOI) algorithm for conceptual clustering can greatly ease the workload of processing this data, the algorithm has not achieved the result of simple data processing by computer, so how to improve the algorithm is an urgent question for work efficiency. |