Based On The Improved Gp And Cluster Analysis Method Of Intrusion Detection Research

With the rapid development of the network.the security problems that the network faced is becoming more and more serious-just like the frequent attacks in different kinds.Though the application of the firewall has hold back the intrusion of network virus in a certain degree, it still can not meet of people’s needs for network security with the development of network attacking techniques. More and more worms、virus and backdoors have succeeded in breaking through the protect of the firewall.for the reason that the traditional firewalls can only find known attacks, but fail to deal with the number of potential attacks.Under this circumstances, invasion test in the function of network security alarm ahead is attacking more and more attention.The key of the intrusion detection is how to collect valid data. and analysis all kinds of intrusion acts. At present, two kinds of techniques are constantly applied.they are misused detection and anomaly detection. Misused detection presumes that the act and method of the intrusion can all be described as a pattern or a character. It can detect out the known intrusion act precisely but its disadvantage is that the unknown intrusion act can’t be detected. And then anomaly detection is a method based on act. However, its misinformation rate and failure-in-report rate is high for the analyzing method is immature at the present. Genetic Programming algorithm and cluster analysis are popular algorithms emerged in recent years.Genetic Programming algorithm is evolved from the Genetic Algorithm.it has the similar algorithm basic process with Genetic Algorithm.The difference of them is that the Genetic Programming algorithm has more complex structures than Genetic Algorithm.for this reason,Genetic Programming can be more flexible to deal with the express problems in Genetic Algorithm.Clustering analysis is a hot field of the data-mining research, it analyzing a large number of data and then classifies them automatically.For this strong point,clustering analysis is fit for being applied in the assortment of the anomaly detection. Based on the Genetic Programming algorithm and cluster analysis.we propose an new intrusion detection method and then the module of the intrusion detection has been designed.The result of experimental shows that this kind of intrusion detection model can detect out some unknown intrusion actions and has better time complexity.This paper firstly introduces the essential concept and structure of network security and the general applied technique of the home and abroad at present, points out the value of intrusion detection research in network security. Then The disadvantages of traditional intrusion detection methods are displayed through the comparison of the traditional intrusion detection technology. Next.the paper respectively introduces and analyses the Genetic Programming algorithm and cluster analysis in detail.after that a intrusion detection method based on modified Genetic Programming algorithm and cluster analysis is proposed and the intrusion detection module is also designed. At last, this paper concludes this detection method based on modified Genetic Programming algorithm and cluster analysis.and makes profounder analysis and prospect for the application of them in intrusion detection.