Data Mining Technology In The Network Intrusion Detection System

With network size's unceasing expansion, network user's unceasing increase and the network knowledge's unceasing popularization, the network and the information security receive more and more big threat. It often occurred that the information confidentiality, integrity and usability encountered violation seriously. The question of the information security already became the people's popular matter. If it wants to protect the information's security and safeguard the information's confidentiality, integrity and usability, we must be able to exam the invasion behavior effectively. The invasion behavior often mixes with the normal data. Some invasion behavior is distributional. The single behavior's characteristic isn't different from the system's normal behavior, so it is difficult to examine them.Now the major invasion examination system compared the auditorial data with the database of the attacked pattern, thus discovered the behavior that violates the security policy. This method that match pattern is very high to the known efficiency of the invasion examination. But it is actually unable regarding some unknown or the existing invasion method's variety. Analyze the auditorial data by the data mining technology. We would transform the data, which will transmit in the network, into the linking record, and through the pretreatment, we can obtain the characteristic attribute that can sort the linking record. It will be helpful to enhance the invasion examination system's accuracy and completeness. Based on the deep research on the intrusion detection system and the data mining, the article analyzed and discussed the data mining technology in the network intrusion detection system. Through the data pool processing, we can extract the characteristic attribute of data and construct a classified examination model.The article's main work includes:(1) Studied and analyzed the common algorithm in the data mining;(2) Studied and analyzed the model of the network intrusion detection system; (3) Studied How to construct the characteristic attribute of network data;(4) Constructed a model of the intrusion detection system by the data miningtechnology.