| Nowadays, with the surfing of global information and rapid expanse of computer network, information has been the decisive factor for the promotion of the development of economy and society. People are confronted with more and more serious problem of information security while they sharing global resources and information. In a network environment, it is an important and focal question of Information Security that how the data and resources of the system can be protected from unauthorized accesses, malicious intrusions and misuses.lt has been the focus of research. In nearly twenty years, researches on the Intrusion Detection System, the core of Network Security, have been done at home and broad. Intrusion Detection System, new domain of Network Security, is a core research area in dynamic Information Security, but it still has many problems, especially in self-completing and self-learning. To solve these problems, this thesis proposed a new model for the intrusion detection system that based on the data mining. We have discussed some key technical problems and related solutions. We apply some existing algorithms of association analysis, sequence pattern analysis, and data classification to the Intrusion Detection System. Moreover, we draw characteristics and set up rules on the intrusive behaviors. We detect intrusion action by analyzing the audit data and patterns recognition, to form an intelligible detection system. In the end of this thesis, we implement a prototype by experimenting on misuse detection of connection records and anomaly detection of user behavior profiles. The future research direction of intrusion detection system is also summarized.
|
PDF Full Text Request