| With the increase of informatization level and enhancement of dependence on computer networks for human society, Computer network security has aroused extensive attention. Traditional type of security technology such as safety certification, authorization, access control, and encryption, can not prevent the illegal intrusion behavior imposed on the defects of software and hardware of computer systems. The current firewall does little to isolate the attacks that aim at the design flaws in the procedures and make use of the channel encryption. Intrusion Detection System (IDS) is an important dynamic security protection technique, and it is an important research domain of computer science and techniques.It has been the focus of research. In nearly twenty years, researches on the Intrusion Detection, the core of Network Security, have been done at home and broad. Intrusion Detection Information Security, but it still has many problems,especially in self-completing and self-learning. Nevertheless, the traditional intrusion detection technique can not deal with the attacks which become more and more complicated on the way of expansibility and adaptability.The knowledge of many other fields is introduced and the data mining is a kind of hot technology among them. Data mining can mine specified patterns that people are interested in from large datasets. Therefore, data mining technique is applied for intrusion detection in large number of research projects, which greatly promote the development of intrusion detection.We expatiated on the definition of intrusion detection and data mining, the background and the status of the research on IDS. Then we introduced four classic techniques of DM, data mining techniques for IDS is analyzed. Based on the research on the intrusion detection technology and intrusion method in common use,solution of runtime Intrusion Detection System based on data mining is proposed in the dissertation. Applying some existing algorithms of association analysis, sequence pattern analysis, and data classificationto to the intrusion detection system. Moreover, characteristics were drawn and rules were set up on the intrusive behaviors. We detect intrusion action by analyzing the audit data and patterns recognition, to form a detection system based on data mining, we implement prototype by experimenting on misuse detection of connection records and anomaly detection of user behavior profiles. The model has self-adaptability and strong extendable feature, and realizes low error detecting rare and misinformation rate. Thus, it achieves the goal of improving intrusion detection quality, and has widely application value.In the last chapter,the brief explains how to construct the security system for a military network security system.With the focus on how to construct a free intrusion diction system through network.The research of IDS based on the Data Mining is a very active field. Finally We present several future directions of improvement and research in our work. |
PDF Full Text Request