Abstract
Intrusion detection analysis based on large-scale data has significant research value and practical use. To address the shortcomings of simulation and offline analysis in existing systems, a comprehensive intrusion detection and analysis system for a real website is designed and implemented, combining an intrusion detection system with a big data analysis system. Through network construction and software design, the system performs intrusion detection, data storage, data cleaning and data mining for a real website. Using two modes, scheduled and active, the system transfers intrusion detection data to a database and then imports it into the Hadoop system. Human-computer interaction software was designed to carry out big data analysis with the Hadoop system and Mahout. Experimental results show that the system can quickly build and test a random forest model and achieves satisfactory detection results.
Source
Research and Exploration in Laboratory (《实验室研究与探索》)
Indexed in: CAS; Peking University Core Journals (北大核心)
2016, Issue 4, pp. 125-128, 143 (5 pages in total)
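Funding
2015 National Undergraduate Innovation and Entrepreneurship Program Project (2015J00137)
Beijing Institute of Petrochemical Technology Outstanding Responsible Professor Funding Project (BIPTPOPME-2015)
Beijing Institute of Petrochemical Technology Key Teaching Reform Project (ZD20140302)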
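About the author
Zhang Xiaoming (张晓明, born 1968), male, from Ningdu, Jiangxi; Ph.D., professor. Main research interests: network computing and big data technology. E-mail: zhangxiaoming@bipt.edu.cn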