科技通报
科技通報
과기통보
BULLETIN OF SCIENCE AND TECHNOLOGY
2014年
2期
74-76
,共3页
IPv6%网络安全检测%数据挖掘%K-means算法
IPv6%網絡安全檢測%數據挖掘%K-means算法
IPv6%망락안전검측%수거알굴%K-means산법
ipv6%detection of network security%data mining%k-means algorithm
对差异设备中的底层IPv6网络安全检测模块的研究中,传统网络安全检测方法在应用层对攻击进行识别和拦截,无法保证用户的数据安全,并且识别新攻击速度慢,拦截概率低。为此提出一种基于数据挖掘融合IPSec的安全检测模块,面向用户数据安全,采用K-means数据融合算法提取入侵数据特征,建立模型库,实施拦截。通过模拟多种攻击模式对提出的算法和传统算法进行性能比较,结果显示,所提算法能够在更短的时间内,提取攻击特征,建立模型库,并且在相同次数的攻击下,模块对攻击具有更高的检测概率,平均高于传统方法15%,显示了优越的检测性能。
對差異設備中的底層IPv6網絡安全檢測模塊的研究中,傳統網絡安全檢測方法在應用層對攻擊進行識彆和攔截,無法保證用戶的數據安全,併且識彆新攻擊速度慢,攔截概率低。為此提齣一種基于數據挖掘融閤IPSec的安全檢測模塊,麵嚮用戶數據安全,採用K-means數據融閤算法提取入侵數據特徵,建立模型庫,實施攔截。通過模擬多種攻擊模式對提齣的算法和傳統算法進行性能比較,結果顯示,所提算法能夠在更短的時間內,提取攻擊特徵,建立模型庫,併且在相同次數的攻擊下,模塊對攻擊具有更高的檢測概率,平均高于傳統方法15%,顯示瞭優越的檢測性能。
대차이설비중적저층IPv6망락안전검측모괴적연구중,전통망락안전검측방법재응용층대공격진행식별화란절,무법보증용호적수거안전,병차식별신공격속도만,란절개솔저。위차제출일충기우수거알굴융합IPSec적안전검측모괴,면향용호수거안전,채용K-means수거융합산법제취입침수거특정,건립모형고,실시란절。통과모의다충공격모식대제출적산법화전통산법진행성능비교,결과현시,소제산법능구재경단적시간내,제취공격특정,건립모형고,병차재상동차수적공격하,모괴대공격구유경고적검측개솔,평균고우전통방법15%,현시료우월적검측성능。
Study on detection module of underlying IPv6 network security based on data mining and IPSec. In the tradi-tional method, the attack was identified and blocked at the application layer, it cannot ensure the security of user data, and it was slow with low probability of interception. A method of detection based on data mining and IPSec was proposed to solve this problem, the K-means algorithm was used to extract the data characteristics of intrusion, building module li-brary and intercepting. A variety of attack patterns was simulated in this paper to compare the proposed algorithm and traditional algorithm, with much experiment, the new method showed better ability, it can detect attack with a higher rate with less time, under the same attack simulation, the detection rate with this new method is 15%higher than that of tra-ditional method. Result shows good performance of detection in the application.
