| As an active security defense approach, Intrusion Detect System (IDS) supports the protection againstexternal and internal intrusion before the network is influenced. The advantage of data mining (DM) lies infinding out patterns and features from large numbers of data, thus locking intrusion. This intrusion systems havelow distortion ratios and good real-time capabilities.In this dissertation, several new data mining algorithms are proposed, and used on intrusion detectionsystem (IDS), which can improve the detection performance of the whole system, effectively reduce the falsealarmrate.The major innovations of this dissertation are as follows:1. ARelativity Fuzzy Clustering Algorithm,(RFCA) is proposed. In this paper, possible membership degreeand uncertainty membership degree are introduced, the algorithm makes the elements in the sample are not onlyreleated to cluster. By the experiments on dataset testify the detection rate of this algorithm is higer thanK-means and FCM algorithm.2. An Apriori Algorithm Baesd on Normal Length Decreasing Support,(NLDSA) is proposed. The minimalsupport is decreased as exponential function.It avoids ignoring the itemsets with low support which isinteresting in the event, and avoid consuming a lot of time generating a large number of frequent items in thecollection, a great part of which is uninteresting event. Experiments show this algorithm has lower consumptionof time and lower false alarm rate on the same detection rate.3. A Fast Multi Rule Constrained Apriori Algorithm, FMRCA is proposed. After data pre-processing ofRFCA, a large data set could be divided into several small data blocks. Then using the new clustering center ofthe small data blocks. the new algorithm combined the temporal constraints and knowledge constraints couldgenerate frequent itemsets quickly. It is proved that can effectively reduce the intrusion detection system’s falsealarmand improve detection rate. |
PDF Full Text Request