The Application Of Intrusion Detection Based On Data Mining

Data mining is a techniques in common use, which is a process people can find mode they are interested in from vast data. Intrusion detection is an essential component of critical infrastructure protection mechanisms. We describe our research in applying data mining techniques to construct intrusion detection models. Our intrusion detection models is mainly deal with Misuse detection and Anomaly detection, the research of paper is focus on these 2 sides. This paper using data mining technique in designing instrusion detection system that is a new model of Network Security.In Misuse detection, the emphases is how to design characteristic data used in intrusion detection, and using Classification rules to judge attack or not. The mostly advantage of Anomaly detection is that it can detect unknown attack. It is the develop orientation of Intrusion detection. In this paper, we mainly apply clustering algorithm and Sequence Matching to construct Anomaly detection model.This thesis consists of 6 chapters. The first chapter widely investigates the definitions, histories, research fields, and application fields of Network Security. The second chapter systematically introduce the basic theories of Intrusion Detection and Data mining, and analyze the process and feasibility to construct a Intrusion Detection based on Data mining. In the third chapter, we mainly discuss how to construct a Misuse detection Model using Classification of Data mining techniques, and analyze the improved method of how to design characteristic data used in intrusion detection. In the forth chapter, we mainly discuss 2 applications. the first is Sequence Matching, which use conception of Similarity to judge behavior of system. The other is clustering algorithm, which has prominence characteristic. The fifth chapter construct Misuse detection and Anomaly detection Model for network security based on the techniques discussed in the past chapter, and analyze the most framework of system. Finally we apply a few invasion test. The sixth chapter reviews contributions of this paper and prospects the future works.