| Intrusion detection system (IDS) is an automated system for the detection of intrusions in computer system. The main goal of IDS is to detect unauthorized use, misuse and intruding computer systems by both system insiders and external intruders. The key content of intrusion detection is network security audit, and the purpose of network security audit is to monitor the whole network and running status of applications in real time, to detect the suspicious or dangerous behaviors in time, to give alarms and take measures to obstruct those behaviors, and to take records of the security audit. However, there are some problems in the process of network security audit such as low rate of accuracy and poor self-adaptability. In order to solve these problems, in this scheme I take IDS to cooperate with firewall and honeypot for working more efficiently. Because cooperation and information share between each system and their same goal, can shorten procession time and enhance system working efficiency. Another deep-mining concept is to perform muti-layer and muti-algorism data mining for finding unknown intrusion and attack ways with utilizing system resource sufficiently. I take this two concepts into design of ID security audit, and I syncretize data mining and network security audit sharable technology, establish ID security audit model based on DM principle by improving contemporary design.
|
PDF Full Text Request