The Study And Design Of Intrusion Detection System Based On Data Mining

People have concerned about the network security. Today with the open and shared Internet, Intrusion Detection System (IDS) has become an indispensable component to ensure the security of network resources. As network-based computer systems play increasingly vital roles in modern society, to take the place of traditional security program, Intrusion Detection (ID) becomes a new generation to an organizational information security program. As a key factor of information security program, ID provides critical protections from potential attempts to exploit computer resource vulnerabilities which greatly fetched up the limitation of access controlling and identity authentication. Since new attack methods occurred continually, especially some cooperated intrusions, there are many new problems to be faced and solved when doing research on intrusion detection. Nevertheless, the traditional intrusion detection technique cannot deal with more and more complicated attack on the way of expansibility and adaptability. The knowledge of many other fields is introduced.This paper mainly focuses on intrusion detection based on data mining. The aim is to improve the detection rate and decrease the false alarm rate, and the main research method is clustering analysis. The algorithm and model of ID are proposed and the corresponding simulation experiments are presented. Firstly, the paper introduced the concepts and technologies of ID, the status of the research on IDS, and analyzed the application of data mining technology in IDS. The paper applied the data mining technology in the intrusion detection, and analyzed common intrusion detection framework (CIDF), and combined with characteristic of ID. The K-means algorithm, the clustering base on similarity and Ant colony algorithm put in IDS, and expounded how to use the basic algorithm idea in IDS. A test using the test data of KDD Cup 1999 was given, and compared algorithm. Finally, an IDS base on data mining is designed, and the application of clustering algorithm combination in IDS is proposed. The test results show that the clustering algorithm had well capability.