The Research Of Data Stream Mining Based On Intrusion Detection

As development of computer technology and network communicationtechnology, computer network not only brings people convenience, but also faces aseries of safety problems. About intrusion of computer systems and networkinfrastructure attacks are increasing, has seriously affected the people legal use ofnetwork resources, besides, brought huge economic losses to the society, thereby needput forward the feasible scheme to solve the problem of network security at thepresent.From current popular security technology-intrusion detection, we consider theobject of the intrusion detection technology is network data stream, therefore thispaper introduces method of data stream mining in intrusion detection, put forwardbased on intrusion detection data stream mining research. This paper mainly does theresearch of intrusion detection as following based on data stream mining.Firstly, for design of a single classifier algorithm, we use leading edgetechnology kernel learning theory of machine learning method, combine kernelprincipal component analysis and support vector data description, and then proposebased on kernel learning improved algorithm for intrusion detection. At last,experiments show that the algorithm as anomaly detection technology can obtainhigher accuracy and lower miss rate.Secondly, we extend kernel learning improved method proposed above, putforward a based on semi-supervised kernel learning multi-classification algorithm. Weconstruct mathematical modeling for suprasphere at first. And then, analyses itsmathematical characteristics. Finally, we define the weight for weighted na ve bayseand Expectation Maximization algorithm (EM), and integrate labeled data andunlabeled data for training to get decision sphere. Experimental data show thealgorithm not only keeps better result of traditional algorithm, also can reducemisjudgment rate of test samples.Last but not least, considering data stream has characteristics of mass,time-varying, quickness, we put the proposed semi-supervised kernel learningmulti-classification algorithm above into the current popular distributed systemHadoop, and design the model of based on Hadoop intrusion detection data stream mining system. We make the proposed semi-supervised kernel learningmulti-classification algorithm above as based classifier, then use Hadoop’sMapReduce parallel to train each classifier. Finally we integrate the predictive resultsof the test data and get the final decision. From two aspects of parallelization and timecomplexity, we analyse the performance of the model, then indicate the model isfeasible.