Research And Implementation Of Intrution Detection System Based On Data Mining

With the popularization of the computer network applications, the community's reliance on computer networks is also growing. However, the inherent openness of the network, especially the cross-border nature of the network, makes it facing the enormous risks of the security. Therefore, Intrusion Detection System (IDS) is more and more important in the system structure of the network security. With the diversification of the invasion, the system of the intrusion detection demands a higher level. For the lack of the technology of the former invasion, according to the massive audit data, this paper builds the model of describing of the intrusion by using data mining methods from the view of the data processing.This article first introduces the background and significance of the intrusion detection technology, the system of the intrusion detection and the data mining technology. It also discusses the application of the data mining in intrusion detection. These provide a theoretical basis for IDS based on the data mining technology. And then it builds the intrusion detection system based on the data mining. It describes the system's design concept and the system framework, and introduces the design of the three core modules and work flow. Finally it discusses the realization of IDS based on data mining, that is, the improved K-means algorithm and the Apriori algorithm is applied to the module of intrusion detection system and checked by the experiments to show its feasibility. By researching and analyzing the shortcomings of the traditional intrusion detection technology, this paper concludes that we need to handle large volumes of data to solve these shortcomings. The data mining technology is such a powerful data-processing tool that it could be applied to the traditional intrusion detection system to deal with mass data to improve its detecting performance and reduce the rate of false alarm of the overall system effectively.This article focuses on building a model of intrusion detection system based on data mining, and discusses the cluster analysis algorithms and correlation analysis algorithms used in the field of intrusion detection widely. At the same time, it analysis the shortcomings of the K-means clustering algorithm and the Apriori algorithm used in the intrusion detection, improves them and applies them to the constructed model. At last, the experimental results show their effectiveness.