The Application Of Outlier Detection And Unsupervised Anomaly Detection In Network Intrusion Detection

Posted on: 2008-01-01
Degree: Master
Type: Thesis
Country: China
Candidate: Q Sun
GTID: 2178360242960063
Subject: Software engineering
Abstract/Summary:
With the development of networks, the security of information has become one of the most important parts of network service, and detection has become an indispensable component in ensuring the security of network resources. Intrusion detection is a technology of information discrimination and detection that aims to discover and identify intrusion behavior. From a data-driven point of view, it is also a process of data analysis. In related research fields, e.g., fraud detection and fault management, data mining methods have had considerable success, and the application of data mining to intrusion detection is now gaining more and more attention.
An intrusion detection system must handle an enormous volume of information and also needs to be updated, so building an effective intrusion detection system is a large and complex project. The staff who build the system rely heavily on their own experience when choosing statistical means for anomaly detection. The system can be a platform for complete data acquisition, analysis and storage, but it still needs security experts to analyze and classify attack means and system weaknesses in advance, and then to manually prepare the relevant rules and patterns for misuse detection. Because of this manual analysis and coding, including the decision of many NFR, the scalability and adaptability of intrusion detection systems is limited. It is therefore very necessary to take a data-centric view, treat intrusion detection as a data analysis process, and develop an intrusion detection tool that automatically processes multiple data sources or multiple audits and automatically generates intrusion detection models from the audit data.
This thesis is concerned with the urgency and importance of network service for residential business, because residential information contains all the personal information of every resident. A novel data visualization method, the data field, is first proposed in this paper.
A data field can easily and directly show the holistic features of the data distribution by using a potential function to describe the properties of the data field, and equipotential lines or surfaces to indicate the potential field of the data space. Considering the concept of the data field in the clustering problem, the idea of a visualized interactive clustering method is introduced here. Unsupervised anomaly detection is based on the clustering method: it constructs a data field and then finds the focus of clustering. According to the 3B adjacent field, the situation of each data point is considered. After the data are partitioned, unusual data are determined based on the analogy of N, and the network connections are detected. The results indicate that the method is an effective way to detect intrusions in the network and that it decreases the requirement for equip data.
High-dimensional data visualization and the current thinking on data application in the field of data mining and 3-D data visualization are limited to the following problems. And in fact, the study of intrusion detection not only through a few peacekeepers but also will be able to determine the characteristics of anomalies. Frequent sequential patterns are a problem in intrusion detection because many intrusions are not carried out in a single network connection record; records of network connections spanning consecutive seconds or even a few minutes need to be analyzed together to determine whether there was suspicious behavior, and frequent sequence patterns provide a good means of finding such suspicious behavior.
China has the largest population and the third largest area in the world. The practicing network service provides a large potential market for intrusion detection.
Keywords/Search Tags: intrusion detection, unusual detection, non-supervision unusual detection, independent clustering detection