| As the development of computer network technologies, network increases the quality of our life in our society. At the same time, the traditional security technique of network can't prevent the action of network intrusion. As an active defendable technique security of network, intrusion detection has become an important measure. But the intrusion means always change in any time, as a result, it's difficult to detect complicated and unknown intrusion means by the traditional rules matching. So we need to solve these problems that the traditional IDS can't deal with .So we need to usethe Data Mining to deal with these problems.Firstly, the thesis does precisely researches on the network intrusion detection technology and data mining technology. Then according the limits of current IDS like the weakness in the self-adaptation ability, and the high expenses in the constructing patterns. The thesis integrates the course of Data Mining and the traditional intrusion detection to design an intrusion detection system based on the data mining technology. The model detects the known intrusion on rules database, and the anomaly detector discovers unknown intrusion by the technology of Data Mining from the numerous data automatically and rapidly. And produces intrusion characteristic rules by rule creater, then these rules were put into the rules database. In the design, the methods of Data Pre-processing are provided, and the mining as well as the comparison of frequent patterns. The thesis, expands the mining algorithm FP_Growth for the association rules, it resolves the default of the IDS with HP algorithm. And constructs additional features by picking up some characteristics, which more meaningful patterns could be mined and the system's execution efficiency and the accuracy of rules could be improved. Finally, it achieves the aim of improvement of the IDS. |
PDF Full Text Request