| The safety of internet has been arousing more and more attention today. The relevant technologies and products have been promoting around everyday. Intrusion detection is one of the most important technologies. This essay puts forward the application of data mining in intrusion detection to fulfill the function according to its deficiency in original system.Our present systems of the Intrusion Detection often come with many deficiencies, for instance, bad self-adaptation,serious distort and fail to report and overloading data. Basing on the combination of two data mining processes, Apriori and Ripper, the essay provides a self-adaptation Intrusion Detection System with self-study and self-promotion functions. We increase both the BER(Bit Error Rate) and the accuracy of Intrusion Detection by Apriori process while reducing the reduce the detecting burden in Intrusion Detection. We provide Sorting Algorithms to produce the relevant regulations so that the characteristic detection engine is able to detect the unknown attack.The experiment result shows that self-adaptation IDS is characterized by higher level of auto-systematic, maintainability, expansion and efficiency, etc.The essay is developed in following approaches:①In part one, we illustrate intrusion detection system (IDS), analyze the process of IDS and build up a self- adjusting IDS, including intrusion console, IDS agent, data mining and rules convert.②According to the concept of data mining, we develop the Apriori and Ripper processes, which are combined in IDS by analysis of data mining technology and its specialties.③Examine the new Apriori and Ripper processes in the self-adaptation Intrusion Detection System and draw a conclusion.As a result, the promoted Apriori and Ripper processes provide a high level both in efficiency and accuracy, so that the Intrusion Detection System has been able to detect known and unknown attacks. Finally, the essay discuss the future of the IDS research. |
PDF Full Text Request