| With the severity of the network security problem, how to use the data mining-based intrusion detection system to find intrusion activities efficiently and quickly has become important to the security of system and network resource. Unsupervised anomaly detection methods can detect the anomaly records in unlabled dataset. It can overcome the shortcoming of the traditional data mining methods, and automate the labeling and creating process of the intrusion detection model. It has become the useful tool of the intrusion detection. Clustering is the representation of unsupervised anomaly detection methods. But the data mining-based technique has it shortcoming of the real time detection which is an important part in the intrusion detection, because it can not judge whether the action is normal or not. So how to improve the detection efficiency of the data mining-based intrusion detection system is the most important thing.Because of the altitudinal regularity of the network protocol of the data package, a new intrusion detection system is suggested, in order to improve the efficiency. The protocol analysis technique is suggested to be attached to the Clustering data mining system. On the one hand, it can take out the illegal data efficiently and reduce the amount of data set which is to be clustered, on the other hand, it can make the data set measure up the hypothesis of the Clustering data mining technique. In the new intrusion diction system, the Clustering technique is also improved, and it makes the work more efficient.The research of the new intrusion detection system is not only to propose a network security resolvent, but also to take an exploration of the development of intrusion detection technique. With the continue... |
PDF Full Text Request