| The rapid development and popularization of Internet and application improvesinformation exchange, information interaction and information sharing, promoting thework efficiency and life convenience. On the same time, when more and morecomputers are interconnected, nd each computer may be attacking object. Networksecurity is facing more and more severe challenge,such as tamper and counterfeit,hacking, computer crime, spread of virus and harmful information transmission and soon, which directly constitutes a serious threat to security of network information.In order to protect computer system, network system and information, a variety ofsecurity technologies and products emerged including: firewall, intrusion detectionsystem, identity authentication system and so on. However, a safety network systemneeds both defense system such as firewalls and real-time monitoring system such asintrusion detection system. It is necessary to strengthen the study on intrusion detectiontechnology which has a strong practical value, intrusion detection can detect invasionand timely response, can greatly reduce the loss and its impact.The thesis focuses on the application of data mining technique to intrusiondetection research, and puts forward the corresponding research method. Based on theassociation rules and decision tree algorithm, the mixed model of network intrusiondetection system model is demonstrated, design and implementation of intrusiondetection system prototype experiment system. This paper thesis deep analysis ofassociation rules and decision tree of two important data mining mechanism, and putforward the mixed model of network intrusion detection system model based on theassociation rules and decision tree model. On one hand, association rules contribute tothe mining association rules, which can mine strong association rules in decision tableattribute as condition attributes; to further improve the accuracy of decision treeclassification as well. Intrusion detection prototype system is divided into datapreprocessing module, data mining model training module, data mining detectionmodule, system management module four main function modules. Intrusion detectionprototype system preprocesses sample data first and train data mining model based onthe mixed model over association rules and decision tree. Then comparing with thepreservation of good training parameters, risk measurement and detection alarm are finished. What is more, intrusion detection experiment prototype system is tested underthe condition without using association mining detection and using association miningscenario respectively. After experimental verification, the intrusion detection prototypesystem based on hybrid model of association rules and decision tree model, whichmakes obvious improvement such as increasing accuracy, reducing false test andprovides references for the optimization of network intrusion detection system... |
PDF Full Text Request