
Research On The Key Technologies Of Intelligent Intrusion Detection System

Posted on: 2010-10-09
Degree: Master
Type: Thesis
Country: China
Candidate: L Bai
Full Text: PDF
GTID: 2198360275968217
Subject: Computer application technology
Abstract/Summary:
In an Intrusion Detection System (IDS), it is common for the number of real attacks to be far below the number of false alarms, so real attacks are often missed and ignored. The mass of information can also severely limit an IDS's effectiveness. With the diversification and growing intelligence of network attacks, a single technology can hardly meet current security and defense needs. Therefore, integrating multiple technologies to build new types of IDS has become the focus of current research. This thesis integrates data mining and multi-sensor data fusion technology into a common IDS, and analyzes and improves two classical algorithms so that the improved algorithms are better suited to IDS and effectively reduce the false alarm rate.

Classification and cluster analysis algorithms are introduced into the IDS to find unusual or valuable data in the mass of collected network data, system security logs and other data filtered by data mining technology, in order to improve the system's ability to identify abnormal user behavior and to detect unknown attacks. The thesis describes the K-Nearest Neighbors (KNN) algorithm and the K-Means algorithm in detail. Because the traditional algorithms can only handle numerical attributes, they cannot meet the requirements of IDS data, so it is necessary to improve them. Simulation experiments prove that the improved IDS KNN and IDS K-Means algorithms are not only applicable to IDS but also effectively improve system performance.

Current IDS technology cannot detect multi-combined attacks, so integrating multi-sensor data fusion technology is all the more important. That is, data and information from a variety of distributed sensors are integrated into a unified process, in place of a single detector, to reduce the false alarm rate and improve the ability to handle data from high-speed bandwidth networks. The thesis applies Dempster-Shafer evidence theory and an extension of its combination rules to IDS, improving the detection rate of the system and reducing the false alarm rate.
Keywords/Search Tags:Intrusion Detection, K-Nearest neighbors Algorithm, K-Means Algorithm, Multi-Sensor Data Fusion, Dempster-Shafer Evidence Theory
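
The multi-sensor fusion step named in the abstract, shown with the classical Dempster rule of combination over the frame {attack, normal}. This is an added example, not code from the thesis: the sensor names and mass values are constructed, and the thesis's extended combination rules are not on this page and are not reproduced.

```python
from functools import reduce
from itertools import product

ATTACK = frozenset({"attack"})
NORMAL = frozenset({"normal"})
THETA = ATTACK | NORMAL  # whole frame: "sensor cannot tell"


def combine(m1, m2):
    """Dempster's rule for two mass functions (dict: frozenset -> mass)."""
    fused, conflict = {}, 0.0
    for (a, wa), (b, wb) in product(m1.items(), m2.items()):
        common = a & b
        if common:
            fused[common] = fused.get(common, 0.0) + wa * wb
        else:
            conflict += wa * wb  # the two sensors contradict each other
    if conflict > 1.0 - 1e-12:
        # Normalisation would divide by zero: the sources fully disagree.
        raise ValueError("total conflict, evidence cannot be combined")
    return {h: w / (1.0 - conflict) for h, w in fused.items()}


def conflict_mass(m1, m2):
    """K: product mass falling on empty intersections (0 = full agreement)."""
    return sum(wa * wb for (a, wa), (b, wb) in
               product(m1.items(), m2.items()) if not a & b)


def belief(m, hyp):
    """Bel(hyp): mass committed to hyp or any of its subsets."""
    return sum(w for h, w in m.items() if h <= hyp)


def plausibility(m, hyp):
    """Pl(hyp): mass that does not rule hyp out."""
    return sum(w for h, w in m.items() if h & hyp)


# Constructed sensor reports for one event (values are illustrative).
network_sensor = {ATTACK: 0.6, NORMAL: 0.1, THETA: 0.3}
host_sensor = {ATTACK: 0.5, NORMAL: 0.2, THETA: 0.3}

if __name__ == "__main__":
    fused = reduce(combine, [network_sensor, host_sensor])
    print("K   =", round(conflict_mass(network_sensor, host_sensor), 3))
    print("Bel =", round(belief(fused, ATTACK), 3))
    print("Pl  =", round(plausibility(fused, ATTACK), 3))
```

Two sensors that each lean towards "attack" yield a fused belief higher than either reported alone, while K records how much of their evidence was contradictory and had to be normalised away.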