| With the continuous development of science and technology,network has gradually reach every household. But we have to admit that network also gives some negative factors when facilitates our lives, which is a serious threat to our normal network life. We study the Trojan and intrusion detection deeply after investigating network attack and defense technology and data mining technology roundly. At the basis, we utilize data mining technique in mining the intrusion detection rules and achieved certain results.Firstly, we introduce the basic concept of network security and the importance of intrusion detection in network security. Subsequently we discuss the basic concepts of intrusion detection and the application of data mining in intrusion detection recently. Secondly, in chapter 3 we discuss the common attack technique-Trojan and focus on the hidden technique of Trojan. At this basis, a new DLL Trojan utilizing system service is designed and realized. In chapter 4,we introduce the application of association rules in intrusion detection and improve the traditional Apriori algorithm to extract the rules from daily network data, the experiment result shows that this improved algorithm has improved more in mining speed and detectable probabilities. Finally, we discuss the pivotal technique of intrusion detection system. We optimize the bottom data capture module after comparing some familiar data capture mechanism; Then an improved multi-pattern matching algorithm is designed and protocol analysis technique is applied in IDS to improve the detectable probabilities; At last we utilize SMS to achieve real-time and diversity character of the alarm mode. This research is supported by science and technology item"Knowledge Acquiring Based on Grey Rough Set Theory"(JAO5290)of Fujian Education Communitee. |
PDF Full Text Request