针对网络安全数据高维度的特征,对传统离群点检测不能有效发现的网络数据中入侵行为细节进行检测.提出一种基于频繁模式的算法,通过检测数据项的频繁模式和关联规则,剥离数据流中或安全日志数据中的噪声和异常点,计算安全数据的加权频繁离群因子,精确定位离群点,最后从中自动筛选出异常属性.实验证明,该方法在较好的空间复杂性与时间复杂性下,能有效地发现在高维安全数据中异常的属性.%Given the high dimension of network security data, traditional stray point tests cannot detect the details of intrusion behavior in network data. This essay aimed to put forward a frequent-pattern-based algorithm. To be specific the abnormal attribute of each record could be detected by detecting the frequent patterns and association rules of the data and stripping data flow or security log data of the noises and abnormal points. Based on the calculation of weighted frequent-pattern factor of the security data, accurate positioning of outliers and the automatic screening out of abnormal properties, the experiments show that this method can effectively detect the abnormal attributes in high dimensions in less space complexity.
展开▼