An Intrusion Detection System Based On Data Mining

The Network makes us share all of the information, including the information of person, company and the government. With more and more using of the Network, more intrusion and more demolishment occurred. Computer Network' s safe is a world' s problem, every year we loss more than two million because of demolishment. Not only the government and commerce but also the finance and media web site are intruded and destroyed in different degree. Network Security becomes the important member in the safe of nation and national defense, and it is meaningfulness for the national network economy.It is becoming a very important task to protect computer system-, network system and the whole Information Infrastructure, and to keep away from the intrusion. Network Security is a system conception; efficiency Security Policy is the first aim for Network Security, The Intrusion Detection is a new security technology, apart from tradition security protect technology, such as firewall and data crypt.When many current Intrusion Detection System (IDS) using user behavior profile to build normal patterns or abnormal patterns, since it do not using Data Mining technology, the user behavior profile can't reflect the fact. Moreover, the normal pattern or abnormal pattern is not perfect and the false alarm rate and leak alarm rate are very high. The more important, there is often the need to update an installed IDS due to new attack methods or upgraded computing environments. Since many current IDS are constructed by manual encoding of expert knowledge, changes to IDS are expensive and slow. However, the data mining techniques in discovering behavior features has a big advantage, in this paper, we describe a data mining framework for adaptively building Intrusion Detection (ID) models. In this models, first we extract features and rules fromthe training data, then using these rules to detect new intrusion, by using this means, updating rules and system will be more faster and cheaper, and the detection rate is high, the result proves that using data mining technology for building Intrusion Detection System is viably and availably.