首页>
外国专利>
An Anomaly Detection Method for Network Intrusion Detection
An Anomaly Detection Method for Network Intrusion Detection
展开▼
机译:一种网络入侵检测的异常检测方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
PURPOSE: A method of performing anomaly detection for network invasion detecting is provided to detect anomaly network packets by using a clustering based on similarity between feature vectors, so as to develop a more efficient invasion detecting system. CONSTITUTION: A network invasion detecting system performs a clustering by using network packet sets for a test(11). The detecting system receives network packets through a network device. The detecting system extracts a feature vector from the packets(12). The detecting system selects a cluster having the most similarity with the extracted vector among existing clusters(13). The detecting system confirms whether the similarity value is bigger than a given threshold value(14). The detecting system receives the feature vector of the packet that is decided as normal, and re-preforms a clustering between feature vectors.
展开▼