The network technologies develop fast and there are the kinds of the attack technologies, so the traditional attack detection technologies can't satisfy needs of the attack detection. The new attack detection technologies must be applied to attack detection for adapting the changes.The decision tree has advantages of simple structure, well understanding, high precision and no parameters, so this dissertation applied the decision tree to attack detection. In this dissertation, when we select attributes for deciosin tree, we select the attributes whose correlation is the maximal between its father attribute. The experiment proves that it increases the detection ratio.The application of data mining technology to anomaly detection system of mobile Ad Hoc networks is proposed. Through pointing out its existing problems, it is proposed that the outlier data mining technology is used in mobile Ad Hoc network anomaly detection system. Its core idea is that the anomaly intrusion detection process will be seen as a combination of knowledge in the field of data analysis process, the introduction of outlier data mining technology. In view of the existing anomaly detection algorithm which applies to only dimension of the data set lower, real-time difference, high rate of false positives, the ability to detect new types of attacks, Outlier data mining technology is designed to solve the existing problems in the mobile Ad Hoc networks anomaly intrusion detection system, and the working principle and system architecture is put forward, the function of each module is given a detailed explanation. Finally, a large amount experiments on DARPA was carried out and the validation and effectiveness of our approach were verified, which has guidance sifnificance toward the following research work.. |