
Intrusion Detection, Data Mining-based Adaptive

Posted on: 2007-06-19
Degree: Master
Type: Thesis
Country: China
Candidate: R J Wang
Full Text: PDF
GTID: 2208360182966728
Subject: Computer software and theory
Abstract/Summary:
With the rapid development of network technology, computer networks are used extensively in every field of human activity, and their impact on the economy and on people's lives keeps growing. Network security is receiving more and more attention, and technologies and products related to network security are constantly emerging. Intrusion detection is an important technology among them. This thesis proposes using data mining to improve the performance of intrusion detection systems.

The thesis first introduces the current state of network security and intrusion detection, with particular attention to existing technologies and their challenges. It also introduces the basics of data mining and the data mining methods that can be used in intrusion detection.

Existing intrusion detection systems generally suffer from problems such as poor adaptability, high false-alarm and missed-detection rates, and data overload. Based on our research, this thesis presents an intrusion detection system based on data mining that can learn on its own and improve itself. Using classification and clustering algorithms, we implement a hybrid misuse and anomaly IDS that can detect both known and unknown attacks.

Next, we describe the design and implementation of the system, which applies data mining techniques for data preprocessing, classification pattern mining and clustering pattern mining. We use a feature-selection-based method to remove noise. We apply the RIPPER algorithm for classification pattern mining and the CURE algorithm for clustering pattern mining; the system is able to find rules for intrusion detection and to extend the rule database.

Finally, we test the system. The tests show that RIPPER is efficient and effective, and that our intrusion detection system detects known and unknown attacks efficiently.
Keywords/Search Tags: Intrusion detection, data mining, classify, cluster, misuse detection, anomaly detection