Research On The Intrusion Detection Method Based On Rough Sets And Apriori CRS Algorithm

As the network security quickly has developed recent years, the methods of network attack have been changed a lot in many aspects, so that network security need to be further improved. Intrusion detection, as a proactive defense security technology, has attracted most attention of not only researchers but also vast commercial application companies. In intrusion detection process, a large number of feature data must be handled, so some scholars have made use of data mining and large-scale data processing experience to analyze and detect intrusion. However, the data mining technology cannot be smoothly migrated into intrusion technology. So the detection systems application must be some adaptively improved.Therefore, it is better to use this method according to the mainstream of the current study which combained rough set and data mining technology. First, collected data is classified and preprocessed by normalizing the value variables and the nominal variables be discretely processed, an attribute reduction to the result set can be made based on Pawlak attribute weights Rough Set Algorithm with characteristics of the property up and down approximation set. According to attribute reduction, association rules can be generated which satisfy a certain degree of confidence, then imported into the rule set. Experiments show that the detection approach combined rough sets and data mining has improved the detection efficiency and enhanced system security.The first intrusion detection classification of intrusion data collection, data preprocessing, data values and nominal variables normalized discrete variable processing, rough set attribute reduction, and then use fusion "Pawlak attribute importance about simple" data mining algorithm Apriori CRS algorithm technology for network features upper and lower approximation properties, generating a certain degree of confidence to meet the association rules into the rule base, the last generation of intrusion detection rules based on analyzing real-time network intrusion data.In the real experiment results, it is better to use Apriori CRS algorithm with real application in intrusion detection system. In order to the full integration of rough set theory and data mining techniques, the detection rate of the algorithm is linear with the number of invasive, less computational complexity, and the simple algorithm based on rough set greatly improved the detection rate compared to the system so as tolerance increased.