| With the increasing complexity and diversification of network attacks,solely relying on Static defensive systems such as firewalls are hardly adequate to safeguard computer systems.As a proactive security technology,IDS(Intrusion Detection System) is capable of Compensating traditional security defense systems' shortcomings.Challenged by ever-increasing network traffic and attacking methods,however,a number of disadvantages manifest themselves in the realm of traditional IDS such as inability to detect new forms of attacks.This paper attempts to explore IDS DM(Data Mining) technology,which has become a research focus in recent years.DM helps IDS discover hidden invasion traces from collected computer and network records and recognize invasion patterns,thus result in considerably reduced manual workload yet increased detection rate.Although data mining technology as a means of intrusion detection system is effective, the commonly used data mining algorithm is still insufficient,especially the clustering algorithm.Though the most widely used K-MEANS and DBSCAN are simple and practical, they are still far from being perfect.Therefore,an improved K-MEANS,together with DBSCAN,is put forward in the application to the intrusion detection system.Then,the combined scheme is used in an anomaly detection test of a common set of records.The results of the expriment show that the improved intrusion detection scheme is effective.Further studies are suggested at the end of the paper. |
PDF Full Text Request