| With computer technology and Internet developing at very fast speed, cause the Security of the network communication become a focus for the country's Security and society's stabilization. Intrusion Detection System(IDS) is created for this case ,it gathers and analyzes the information from the some keys of the computer network or system, then discover weather there is the action witch disobey the Security strategy and mark witch is attacked, it is a dynamic Security technology which is comprise of checking,noting,alarm,response. It become a important representation in the Security tools, because it can monitor the running state of the network,host computer and application generally and at real time, initiative identify and response to the intrusion of the computer,network system, also provide a real time check for the attack of exterior and interior, discorporate. The function of the Intrusion detection system is checking the happening of the intrusion, it can be looked as a classifying question, which separate the audit data provided into normal data and abnormal data. The intrusion mode is different, the tactic and matrix of intrusion detection is different.With the aim to low intrusion detection precision and poor stability of test result,use data mining technology to the field of the Intrusion detection system, which is the important means to achieving the intelligent for the IDS, the main means is using the cluster analysis and nerve network algorithm.It is include in the data mining, sampling the correlation of the consumer action character, according these character create the classification model of the Security incident, used as the automatic identifying of the Security incident.This paper introduces the architecture of intrusion detection, intrusion detection research, and then describes data mining tools, steps and processes .Second, is the focus of this article, data mining-based intrusion detection system cluster analysis algorithm, neural network analysis algorithms. To K-means algorithm and fuzzy C-means clustering (FCM) algorithm in the introduction of intrusion detection system on the classical KDDCUP99 10% data set for testing, then obtain precision & false positive and analysis the results of respective algorithms . Then involved in generalized regression neural network (GRNN) algorithm, GRNN and FCM will be combined with two algorithms, the data in the same experiment. Proved through experiments, GRNN combination with the FCM algorithm, improved the detection of intrusion detection in all parameters... |
PDF Full Text Request