针对分布式入侵检测系统在实际应用中存在大量重复报警和高误报率的问题,在研究DBSCAN算法的基础上,引入时间密度,提出一种基于空间和时间密度的抗噪声聚合算法(DBS&TCAN)。基于空间密度聚合局部报警信息和时间密度对局部聚合结果进行合并,可以有效减少重复报警并降低误报率。实验采用数据集测试的方法对算法进行了测试,并与相关研究工作进行比较和分析。结果表明,该算法具有较好的聚合效果,并在实时性方面体现出优势。 In order to solve the problem of large number of repeated alarms and high false alarm rate, aiming at the problem of distributed intrusion detection system, based on the study of DBSCAN algorithm, the introduction of time density, an anti-noise aggregation algorithm based on space and time density (DBS & TCAN) . Based on local alarm information and time density of spatial density aggregation, the results of local aggregation can be merged to effectively reduce repeated alarms and reduce false alarm rate. Experiments using dataset test method to test the algorithm, and compared with the relevant research work and analysis. The result shows that this algorithm has a good effect of aggregation and shows advantages in real-time.