| Massive network information, the incessant emerging of new technology on network, the diversity of intrusion and a large number of new invasion makes a low performance and high false alarm rate if using the current intrusion detection system, which fall short of the security requirements of the network.This study is based on data mining methods for intrusion detection system. Under the condition of poor detection performance and high false positive rate, a combination of anomaly detection and misuse detection is used in this study. The combination can work itself through anomaly detection firstly, and then begin to detect the abnormal data detected by anomaly detection use misuse intrusion detection, finally the intrusion will be found if it is happen during this detection. The most important and core content of Intrusion Detection is the rule base, and using data mining methods to improve and update it so that the intrusion detection have a qualification of self-learning. Mining frequent itemsets using more efficient FP-growth algorithm instead of the classic Apriori algorithm, to accommodate high-speed network development; Analysis the weaknesses and shortcomings of k-means clustering algorithm, and propose an improved k-means algorithm to adapt to the intrusion detection systems. |
PDF Full Text Request