An Alert Correlation Analysis Oriented Incremental Mining Algorithm of Closed Sequential Patterns with Gap Constraints

PP: 41-46

Author(s)

Hui He, Dong Wang, Gui Chen, Weizhe Zhang

Abstract

Large-scale network attacks can cause great damage to a network. Although existing detection systems are able to detect a large number of known attacks, the log data these systems generate usually grows rapidly during a large-scale attack, producing a vast amount of alert information in a short period of time. Extracting alert information efficiently and in a timely manner is therefore an important need, and it is the problem this paper studies. Based on the characteristics of intrusion detection logs, we propose using CISpan, an incremental mining algorithm for closed sequential patterns with gap constraints, to analyze the growing log database. We also compare the performance of the CISpan, PrefixSpan and CloSpan algorithms in analyzing intrusion detection logs, and show that the CISpan algorithm has higher efficiency in analyzing alert logs.