文献类型：会议论文

英文题名：The Optimal Application of the Algorithms of Detection and Data Mining in Honeynet

作者：Dong Nanping[1];Zhou Guanling[1];Wang Yuping[1]

第一作者：董南萍

通讯作者：Dong, NP[1]

机构：[1]Beijing Union Univ, Coll Automat, Beijing, Peoples R China

第一机构：北京联合大学城市轨道交通与物流学院

通讯机构：[1]corresponding author), Beijing Union Univ, Coll Automat, Beijing, Peoples R China.|[1141751]北京联合大学城市轨道交通与物流学院;[11417]北京联合大学;

会议论文集：IITA International Conference on Control, Automation and Systems Engineering

会议日期：JUL 11-12, 2009

会议地点：Zhangjiajie, PEOPLES R CHINA

语种：英文

外文关键词：data mining; detection algorithm; honeynet; optimal design; active defense

摘要：This paper puts forward a technical scheme which properly arranges IDS and optimally applies the algorithms of detection and data mining to the Honeynet environment based on a project of building automation system completed by the author recently. In this specific environment, the position of IDS is deployed reasonably and the anomaly and misuse detection algorithm of IDS is designed and selected optimally. Meanwhile, the misuse detection rules are updated dynamically with the combination of data-mining algorithm RIPPER. The design makes the classical and mature algorithms of anomaly detection, misuse detection and RIPPER data mining display their technical characteristics and advantages to the largest extent in the project and enable the honeynet to protect the internal control network as expected.