| With the development at full speed of the network technology, the computer network is applied to each field of the human activity extensively, the impact on social economy and people's life of the network is greater and greater. The security question of the network receives the extensive concern more and more, technology and products that various kinds of network security are correlated with are emerging constantly. So it is urgent to establish a set of network security assurance system. It is an important technology among them to intrusion detection technique. This thesis has put forward using the technology of the DataMine in order to improve their performance for intrusion detection system.This text introduces the current situations of the network security and intrusion detection at first, and analyses existing technology and challenge especially. This thesis has also introduced the knowledge of DataMine and method that and can be used in intrusion detection.Existing intrusion detection systems generally have questions, such as bad self-adaptation, serious distort and fail to report and over loading data, etc. According to our research, this thesis has introduced one intrusion detection system based on DataMine -DMIDS. DMIDS system can teaches itself to learn, itself perfecting the function and can find that already knowing and unknown abusive intrusion and abnormal intrusion.This thesis introduced the key technology in DMIDS finally, that is to say the DataMine technology of data pretreatment and sequential patterns mine. In the data pretreatment, we use the method based on features selection to get rid of noises. We adopt IDSSPADE algorithm to cany on sequential patterns mine, it is able to find the rules in intrusion detection and it is also able to increase the rule database. The IDS_SPADE algorithm is based on the SPADE algorithm, and it has transformed in many aspects. The algorithm shows superiority while testing from the last result. |
PDF Full Text Request