| Traditional intrusion detection models lack of economy and efficient;while data mining based methods become hot research because data mining has strong power from learning unknown knowledge. Not only patter matching should be used for detection intrusion, but also data mining should be used for analysis statistic data so as to detect more complicated intrusion.This paper focus on a mixed intrusion detection system, that is based on our research on data mining technology. The research results including:1, Research on improving association rule algorithm for building web package feature rule.Web package is analyzed by improved association rule. Intrusion data include web packages, which is collected by web sensors, and web log that is generated by local host systems and collected by host sensors. In the client of the intrusion detection system, we mine weighted association rules and extract detection pattern.2, Research on kernel machine classification algorithm for classifying intrusion detection data.Classification analysis is key technology for data mining. However, when applied on intrusion detection, traditional classification algorithm faces some difficulties. In this thesis, we classify intrusion data by DRC-BK. classifier. On one hand, we can get good classification accuracy;on the other hand, the classification rule is understandable by human experts, so as to make contribute for taking measure for intrusion preventing.3, Proposed and build a framework for intrusion detection.We analyze the implementation and security of intrusion detection systems, discussing the process and implementation of web data collection, data preprocessing, building training data set, data filtering, and learning detection rules by data mining technology. Based on this research result, we design and implement a intrusion detection framework. |
PDF Full Text Request