The Application Research Of Data Mining In Network Intrusion Detection

Along with the continuous development of computer network, more and more enterprises and governments treat their business on intranet and Internet; network security shows itself as a serious problem in front of people. Traditionally, users used Firewall as their first line of defense. But with the increasing maturity of Cracker and the increasing attack means, pure firewall strategy can't satisfy the requests. At the same time, the network environment become more and more complicated and all kinds of complicated equipments need continuous upgrade and filling leak. All those aggravate the work of network administrators. A litter of negligence could result in great loss. In such circumstance, intrusion detection system becomes the hotspot in security market. It wins more and more attentions, and begins to exert its key function in various environments.In this thesis, network intrusion detection technology is researched. Its implement and performance are analyzed. The advantages and disadvantages of misuse detection and anomaly detection are respectively analyzed. In order to solve problems existing in traditional intrusion detection systems, this thesis puts forward the application of data mining technology and Honeypot technology in intrusion detection. Data mining algorithms and its application in intrusion detection are researched; the whole process of network data collection, data pretreatment, conformation of training data volume, data filtration and creating intrusion detection rules by using data mining are designed. A network intrusion detection system project is designed; its framework and main function and its application in network control systems are expounded.This thesis is divided into six chapters. Chapter 1 is an introduction. It mainly introduces intrusion detection technology and the work of this thesis. Chapter 2 discusses the conception of intrusion detection technology. Chapter 3 introduced the technology of data mining, common algorithms and its application in intrusion detection. Chapter 4 discusses the design of data collection pretreatment system and how to create intrusion detection rules. Chapter 5 discusses the design and application of instruction detection system based on data mining. This thesis finally summarizes the work and points out the emphases and direction in the future.