Research On Intrusion Detection Based On Data Mining

The dissertation focuses on analysis network audit data using Data Mining, and mine rules about Intrusion Detection. Through analyzing the intrusion detection technical principle and common intrusion detection model, and unifies the data mining analysis method and the treating processes model, analyzes mining intrusion detection process based on the data.And has carried on the analysis to support vector machines method in the intrusion detection feasibility, and unifies the common intrusion detection model, has given intrusion detection model based on the support vector machines, and has analyzed the flow which designs based on the support vector machines sorter.Intrusion Detection efficiency is improved by using Support Vector Machine of Machine Learning methods, thereby enhance adaptation of intrusion detection. A Study in Intrusion Detection based on Support Vector Machines, a hybrid anomaly detection algorithm associating reduct of rough set with classification of SVM is proposed to quadratic programming algorithm calculable number increasing as the variable amount increases.The underlying idea is reducing data dimension in virtue of attribute reduct to SVM, improve detection speed.This algorithm effective reduced the detection time, exactly suited to real-time intrusion detection occasion.Network intrusion detection data made up of multi-class attacks data and normal data.In intrusion detection, sometimes not only needs to differentiate the normal sample and the unusual sample from the sample collection, but also needs to carry on the discrimination to not the similar attack sample, determined the attack is what kind of type.The application of multi-class support vector machine (SVM) for network intrusion detection was researched. The dissertation has analyzed already the multi- classified support vector machine merit as well as the existence question which has at present, proposed based on two forks tree's improvement multi-classified support vector machine method, and make this method use in intrusion detection system, improved the intrusion detection efficiency, enhanced intrusion detection auto-adapted.