节点文献
基于增量式关联规则挖掘算法的研究及其在手机病毒检测中的应用
Research on Association Rule Mining Algorithm Based on Incrementand Implement in Smart Phone Viruses Detection
【作者】 王旭;
【导师】 宋俊德;
【作者基本信息】 北京邮电大学 , 计算机技术(专业学位), 2013, 硕士
【摘要】 针对手机病毒的大规模蔓延,移动通信网络亟需对手机病毒进行主动防御的现状,本文对将基于增量式的关联规则挖掘算法应用于手机病毒检测做了探索性的研究并加以实现。本文选题自企业委托项目《手机病毒检测系统》,主要解决项目中关联规则挖掘模块的研究与实现,为项目提供了一种手机病毒检测的解决方案。论文的研究工作主要体现在以下几方面:1、总结了手机病毒的定义与特点,调研了手机病毒造成的各方面危害,和目前网络侧所采用的主要手机病毒防治技术;2、总结了数据挖掘技术,尤其是其中关联规则挖掘算法的基本概念和关联规则挖掘算法的一般挖掘步骤,根据有无候选项集的产生对关联规则挖掘算法进行了归纳,并对比了这两种方式的执行特点和优缺点,分析了本项目所涉及到的多值属性关联规则方面目前已有的挖掘算法特点,和与普通关联规则挖掘算法的不同之处,归纳了目前已有的关联规则客观度量方法,并分析了每种方法的特点和优缺点;3、在分析了Apriori算法和FUP算法的基础上,根据这两个算法的不足和本项目自身的数据特点,采用了新的数据库操作方法和增量更新技术,提出并阐述了对这两个算法的改进方案,并通过实验对改进的效果进行了验证;4、通过对关联规则挖掘模块在手机病毒检测系统中功能特点的研究,设计并实现了关联规则模块中所有相关子模块,并对实验测试结果进行了分析。论文的主要贡献有以下几方面。首先提出了一种基于属性预排列支持度统计的关联规则改进算法,和一种利用候选频繁项集的关联规则更新改进算法,这两项改进使得关联规则挖掘和增量更新的效率得到了一定提高。本文提出的改进算法可以广泛应用于手机病毒检测系统的关联规则挖掘模块中,在移动通信网络的主动防御领域有着重要的应用前景。经过实验测试后,手机病毒检测系统的部署应用验证了改进算法对关联规则挖掘性能提高的显著效果,和关联规则挖掘模块在手机病毒检测中的重要作用,同时实验结果表明关联规则模块对多种病毒检测的正确率超过90%。
【Abstract】 Nowadays, smart phone viruses become more destructive with increasing spreading speed, which put a strain on the limited wireless network resources and also a threat to information privacy. Consequently, an antivirus mechanism tailor-made for mobile communication network is of significant importance today. This paper firstly does an exploratory research in applying the Increment Association Rule Mining Algorithm to smart phone virus detection mechanism, and further presents an effective method to implement it. This work is supported by the enterprise-commissioned project Smart Phone Viruses detection System, and the main task is to study andimplement the Association Rule Mining (ARM) module in order to provide a cellphone virus detection solution.The main work of this paper is stated as follows. Firstly, the paper presents the definition and key features of smart phone viruses, and the classification of the viruses according to the damage caused. Also it surveys the mainstream anti-phone-virus technique used by the network side. Secondly, the paper presents the basic theory of ARM algorithm and its general steps, sort existed algorithms into two categories according to with or without candidate items, and compare their execution features, advantages and disadvantages; also analyze the multi-value attributes originated from the supporting project, as well as the existed mining algorithms for this specific attribute. It is found that the multi-value-attribute-aimed ARM algorithms own several basic differences with common ARM algorithm, which shows the importance of a new measure of association rules. For this purpose, some measures commonly used are analyzed, and the features of each are presented. Thirdly, improved algorithms for Apriori algorithm and FUP algorithm are put forward, based on new database operation technique, increment update technique and the features of data collected from the supporting project. The test shows that the improved algorithms bring significant enhancement in execution efficiency. At last, the framework of design and realization of the ARM module in smart phone virus detection system is presented, and all the test results are elaborated.The contribution of this work is that it puts forward two algorithms which bring great enhancement in association rule mining performance and increment update performance:an improved prearranged-attributes-support-statistic-based ARM algorithm, and an improved candidate-frequent-items-based ARM algorithm. These two improved algorithms can be used in ARM module in cellphone virus detection system, showing a wide application foreground in the active defense mechanism for mobile communication network.
【Key words】 Data Mining; Smart Phone Viruses Detection; Association Rule; Incremental Mining;
- 【网络出版投稿人】 北京邮电大学 【网络出版年期】2013年 11期
- 【分类号】TP311.13;TP309.5
- 【被引频次】1
- 【下载频次】144