| With the popularization of the applications of network-based computersystems and the increasing frequency of e-commerce, security issues become moreand more outstanding. Intrusion detection system (IDS) plays important rolesin the information security architecture. The computer criminal is more and morepressing and dangerous nowadays, which poses urgent demands on the performanceof IDS. However, current intrusion detection systems lack effectiveness,adaptability and extensibility. Aimed at these shortcomings, this thesis takesa data-centric view to IDS and describes a framework for constructing intrusiondetection model by mining audit data. Classification rules are inductivelylearned from audit records and used as intrusion detection models.This thesis first provided the background on IDS. We then provided the datamining knowledge and the applications in Intrusion Detection. We focused on theconstruction of classification models. The goal of this thesis research istherefore to develop a framework that facilitates automatic and systematicconstruction of IDS. This thesis researched on an algorithm that the field usesextensively in Intrusion Detection System is decision tree classificationalgorithm. The thesis also provided the method to accelerate computationalspeed, and has proposed setting up classification model with the decision treealgorithm that many subsets hierarchy. This algorithm mainly combines thethought of hierarchy and decision to structure. Also it is the most importantissue to construct a set of proper features for the classification models.At last, we described in the process of building many subsets hierarchyclassification models from data provided by KDD99, get the decision trees andclassification rules of all kinds of intrusion behaviors. Have proved that thisclassification model has better classification results. |
PDF Full Text Request