Study On Intrusion Detection Technology Base On Data Mining

Along with the fast development of the Information Technology, the security problem of information becomes the focus of people's attention, and the security problem of the database system is a very important part of the information security. Data mining as a rule mining method is introduced in intrusion detection. In recent years, many experts and academicians have researched in how to enhance the efficiency of the rule mining of the intrusion detection system, and have acquired many achievements.This paper has improved on the classic data mining algorithm Apriori, and introduces it to intrusion detection system. The main researches are showed below.(1)This paper put forward a database intrusion detection system based on the advanced Apriori algorithm. This system includes data preprocessing module, rule creating module, intrusion detection module and response module. In the data preprocessing module, we first transform the audit data to the boolean data in order to do the rule mining; In the rule creating module, we introduce the advanced Apriori algorithm in order to enhance the efficiency of the rule mining; In the intrusion detection module, we use compound search engine composition by abnormity detection and the abuse detection, in order to overcome their weakness; In the response module, it can response respectively to the different result.(2)This paper research in the classic Apriori algorithm, aiming at the Apriori algorithm's characteristic that it have to scan the whole databace for each member of candidate itemset C to define the degree of support, we introduce an advanced Apriori algorithm, it will adopt distinction of number of frequent subitem to decreace the scan of the superior frequent items when this algorithm use Apriori property to delete the candidate itemset. When it compute the degree of support of the candidate items,it adopt the data structure of index tree to store data, which can decreace the scan of databace to a large extent and raise the algorithm's whole efficiency. And it introduces the advanced Apriori algorithm to the audit data rule mining.