| Intrusion detection system is one of the main research directions in the field of network security. However, most of the existing intrusion detection systems usually identify attacks by matching attacks database that is known. using the current method of pattern matching attack on the already existing high detection efficiency and accuracy but the prevailing invasion of many new attacks and means there is a lot of limitations, the efficiency and accuracy of detection is relatively low. Detecting known attacks these pattern match-based methods have better detection performance, but detecting unknown attacks they don't work well.Firstly, This paper introduces intrusion detection system, then introduces four known data mining techniques, then analyzes Intrusion Detection in depth and width, especially the plug-ins, which provides theory foundation for new intrusion detection system. Secondly, it analyzes Association Rule algorithm and K-means algorithm, then it makes better changes in the two above algorithms based on the new system requirements. Thirdly, it builds a new intrusion detection system based on data mining techniques, which puts improved Association Rule algorithm and K-means algorithm into Snort based on improved Association Rule algorithm and K-means algorithm. The result shows the new Data Mining Intrusion Dection System not only improved the detection efficiency and accuracy, but also improved the detection ability of new attacks. |
PDF Full Text Request