| Database Managemet System (DBMS) is one of the three platforms of information systems, so its safety is an important component of the information security. Now the research on intrusion detection is still in infancy, most detection methods are based on data mining technology. This paper puts emphases on the emprovement of Apriori algorithm which is a classical algorithm of mining association rules, and then applies it to the database intrusion detection system.Firstly, in the process of mining frequent patterns, Apriori algorithm generates a huge number of candidate itemsets as well as needs multiple scans over database. So the time and space complexity is too high. According to the existing flaws of Apriori algorithm, an advanced algorithm is proposed to reduce the candidate itemsets depending on the nature of frequent itemsets. Then an improved algorithm by means of coding for every item was proposed. Coding can reduce the scans over database and meanwhile deleting items can reduce the number of candidate items. As a result, the efficiency of this algorithm has been improved. Experiment conducted under the same conditions shows that the two algorithms can effectively improve the efficiency of association rules mining.Lastly, with the two improved algorithms, a self-adaptive model of database intrusion detection system is designed. According to the limitation of producing misuse detection rules, the mid-results of the improved Apriori algorithm are used to perfect the library of misuse detection rules. Considering the characteristics of misuse detection and abnormal detection, misuse detection is executed before the abnormal detection to make the detection more accurate.According to the results of detection, rules library should be updated continually to improve self-adaption of system.The technology of intrusion detection is applied widely in the Internet, data warehouse as well as the security of information warfare. |
PDF Full Text Request