| With the rapid development of the internet, the problem of network security is becoming more and more serious, just like the frequent attacks in various kinds .Though the application of firewall has hold back the intrusion of network virus in a certain degree, it still can not meet of people's needs for network security with the development of network attacking techniques. More and more worms,virus and backdoors have succeeded in breaking through the firewall, for the reason that traditional firewalls can only deal with the known attacks but not the potential ones. Under this circumstances , invasion test in the function of network security alarm ahead is attacking more and more attention.The sticking point of intrusion detection is how to collect the valid data and analysis sorts of intrusion acts. At present, two kinds of techniques are applied----- misused detection and anomaly detection. Misused detection presumes that the act and method of the intrusion can be described as a pattern or a character. It can detect out the known intrusion act precisely but its disadvantage is that the unknown intrusion act can't be detected. And anomaly detection is a method based on act. However, its misinformation rate and failure-in-report rate is high for its immature analyzing method. Clustering analysis is a hot field of the data-mining research, which classifies a large number of data automatically after analyzing them, and it is fit for being applied in the anomaly detection. So on such basis, one intrusion detection method is proposed which is based on minimum diversity.. And then the module of the intrusion detection has been designed. The experimental shows that this intrusion detection module can detect out some unknown intrusion... |
PDF Full Text Request