The Research Of Dynamic Self-adaption Intrusion Detection Model Based Of Clustering

Network and network applications are becoming more and more popular. Because the network is so convenient and efficient, more and more people like to put more activities on the network, such as business management, e-commerce, etc. so secure storage and transmission mechanism are needed to protect a lot of data, Ensuring the confidentiality, integrity, and availability of the data. Along with people depend on Internet more and more, when the damage is in fact, the damage will become larger. It is not satisfactory for the current network security system to protect network applications. Internet is an open system, it is useful and necessary for the purpose of resource sharing, on the other hand, these interconnecting and complex network and host system is very possible have a lot of computer and network vulnerability, and these vulnerabilities can be used by hacker to carry out attacks, that will bring more or less loss. So it is very necessary to study more new secure technologies. Intrusion detect is important in the network security system, it is a necessary complement to network security protection. Intrusion detection research is not enough. This paper study is in this context, and it is meaningful.Firstly, this paper simply describes the concept and development of intrusion detection, and then describe international standard intrusion detection model. Intrusion detection systems are classified from different aspects.Then the paper introduces technologies usually used in intrusion detection systems. Many data mining algorithms can be used in intrusion detection, and these algorithms’advantages and disadvantages are analyzed.The network intrusions types and characteristics are analyzed. Finally, a new detection mode in this paper is introduced in detail. The whole process of the intrusion detection model, the process of select intrusion detection attribute subset and data pretreatment process are described. The experiment and analysis about the testing model proposed in this paper is test and verified.Intrusion detection based of clustering researches mostly use improved algorithm to improve effect of intrusion detection. These methods don’t make good use information about intrusion we have known. It is usually not efficient in time and memory, so the cost of time and space can’t satisfy high network bandwidth demand. On the basis of the analysis of the characteristic of invasion, this paper put forward the attribute set selection methods for intrusion detection. A new intrusion detection model is suggested. Useful information known about intrusion is used in the execution of the algorithm. Problem the algorithm itself has about initial clustering center is difficult to determine may result in local optimum problem is solved. Because various types of sample data center vector can be a very good representation for the distribution of intrusion detection data, the algorithm has a quick convergence speed. It is more adaptable by renewing beginning center vectors library when new type data occurs. The intrusion detection model is useful verified by the experiment, and it can be used to detect a special intrusion type.