Distributed Intrusion Detection System Based On Data Mining

Posted on: 2007-06-10 | Degree: Master | Type: Thesis
Country: China | Candidate: W H Jiang | Full Text: PDF
GTID: 2208360185956374 | Subject: Computer software and theory
Abstract/Summary:
With the development of computer, communication and network technology, the network information system has become an important infrastructure of human society. People benefit from the great contribution that network information systems make to civilization, and at the same time realize that network information security has become an urgent problem affecting the long-term interests and sustainable development of a nation. Many security protection techniques, which have gradually shifted from static to dynamic ones, have been studied and explored to safeguard network information systems. The Intrusion Detection System (IDS) is an important dynamic security protection technique and an important research topic in computer science and technology. When people use computers and networks, an IDS distinguishes malicious actions from normal ones. An IDS not only detects intrusion behavior coming from the network, but also monitors unauthorized operations by users of the LAN.

Generally, building traditional IDSs and keeping them up to date costs much time and money. In addition, as network facilities become more complex and new attacks emerge endlessly, traditional IDSs lack effectiveness, flexibility and extensibility. The emergence of distributed IDS, however, helps experts in the field resolve difficulties in extensibility, cooperative detection and interoperation with other IDSs or security systems. Intrusion detection is centered on data, yet traditional IDS techniques cannot cope with large volumes of data or improve detection efficiency. Data mining, by contrast, can extract specified patterns of interest from large datasets. Therefore, data mining techniques have been applied to intrusion detection in a large number of research projects, which has greatly promoted the development of intrusion detection.

In this paper, after identifying the flaws of present DIDS and improving on them, I propose a distributed intrusion detection system based on data mining techniques. We abbreviate the new system as DMDIDS. DMDIDS integrates host-based IDS with network-based IDS. It mainly comprises HIDS, NIDS and a central manager. Its functions include integrated detection, reporting and response. According to the...
Keywords/Search Tags: Intrusion Detection, Data Mining, DMDIDS, CIDF, KODS