
Research On The Optimization Method Of Sensitive Information Monitoring For Web

Posted on: 2012-04-04
Degree: Master
Type: Thesis
Country: China
Candidate: Z C Hei
GTID: 2178330341450299
Subject: Computer application technology
Abstract/Summary:
In recent years, network attacks have in fact grown exponentially every year. Intrusion methods and behavioral characteristics change and update constantly, and traditional static defense technology is no longer suited to network security needs. The network intrusion detection system, as a powerful complement to the network firewall, has become a key component of network management. At present, the most widely used intrusion detection systems are feature-based, and they have the limitation that the signature repository must be manually updated with the characteristics of new intrusions. However, a network intrusion detection system that uses data mining technology can take full advantage of data mining's ability to process massive data, and can discover unknown knowledge and regularities from the data. This is of great significance for improving detection efficiency and accuracy.

Through research on various outlier detection algorithms, the weaknesses of the different algorithms were compared. A dynamic local outlier detection algorithm, n-IncLOF, which can adjust the n-threshold adaptively, was selected and proposed. n-IncLOF is based on the local outlier detection algorithm. Because the number of outliers in data streams is uneven, an adjustment function for the n-threshold is proposed. We have also analyzed the cases in which a data point is inserted, deleted and modified. A description of the n-IncLOF algorithm is given, and the complexity of the algorithm is analyzed as well.

Then the anomaly detection system OutlierDIDS was designed, which uses the n-IncLOF algorithm as its detection engine and is based on both host and network properties. Finally, an outlier detection experiment performed on the KDD CUP99 data stream proves the validity of the n-IncLOF algorithm: compared to the original algorithm, it not only increased the detection rate significantly but also reduced the false alarm rate at the same time. The feasibility of OutlierDIDS (effectiveness, adaptability and real-time performance) is also proved in the experiment.
Keywords/Search Tags: Outlier, N-threshold, Data Streams, Data Mining, IDS