Today with the open and shared Internet, Intrusion Detection System(IDS) has become an indispensable component to ensure the security of network resources. Aiming to discover and identify intrusion behaviors, IDS is a technology of information discrimination and detection, and, from the data-driven point, also a process of data analysis. In related research fields, e. g. , fraud detection, and fault management, data mining methods have made considerable success. While data mining has been more and more applied in IDS, fuzzy data mining can solve problems in IDS such as "sharp boundary" caused by pure data mining techniques.Fuzzy intrusion detection (FID) is a new method applied to intrusion detection, which employs fuzzy theory and fuzzy logic to realize fuzzy detection. The main problem of present rule-based FID is the way fuzzy detection rules are generated. Many FID approaches establish detection rules based on expert knowledge. Obviously, this method lacks objectivity and rationality, and when network settings changed, the old rules do not meet new requirements. To deal with this problem , we introduce fuzzy association rules mining algorithm(FARMA) into intrusion detection and use it to automatically extract fuzzy detection rules from network datasets, which can efficiently improve the validity and self-adaptability of fuzzy intrusion detection approach.On the other hand, the current FARMA has something irrational and imperfect when applied to intrusion detection. So fuzzy association mining algorithm is proposed and studied in this paper, and improved to increase the effectiveness and maturity of fuzzy association rules. By doing this, the speed of mining rules is efficiently enhanced, redundant rules are efficiently reduced, and the detecting speed and efficiency are improved. |