| With the rapid development and wide application of the computer and Internet technology, getting the tremendous benefit from the information revolution, people also has to face the challenges of information security. Now the networks have had a massive large-scale use of security audit data, how to collect and process the data and learn to identify network intrusions are the core issue of Security Studies. And data mining technology can found hidden knowledge in a large amount of data. Data mining technology applied to intrusion detection system, system in the intelligence, accuracy and scalability has greatly improved.In the large-scale network intrusion detection system, because of enormous network traffic, the traditional method of decision tree classification is inefficient and this method easily lead to high false alarm rate and response to detect inefficiencies. Therefore, this thesis proposed a decision-tree generation algorithm based on the degree of important of property, data pre-processing stage in accordance with the different packet generation of property decision tree many trees in the detection stage, we can detect a packet in parallel, not only improve the detection speed, but also reduce the false alarm rate.This thesis also proposes a multi-decision tree classification algorithm based on the data the belong to all kinds of different possibilities.We finally determine the packets that are normal packets or attack packets, improving intrusion detection accuracy and reducing the false alarm rate.Finally we designed a intrusion detection model based on multi-decision tree algorithm, and also described the working principle of model.And we use KDD Cup99 datasets that specialized in intrusion detection to test data on the detection accuracy, detection efficiency.We record the test results. |
PDF Full Text Request