| With the rapid development of Internet and the increasing popularity of the network, people have been inseparable from the network in their work and life. However, with the gradual expansion of Internet-scale, a large number of Internet users increases, resulting in significant network security research. As we all know, there are a lot of hackers in the real Internet, they use the malware, malicious behavior on the Internet to profiteering. Now the Internet environment is complex, and safety performance is not high. So the current network environment has forced researchers to step up their network security research.Intrusion detection research has been a hot topic in the field of security, but existing intrusion detection technology is single and intrusion detection products are also mostly single detection methods in the market, and detection efficiency and accuracy is not high. To solve this issue, we carried out the following research work in this paper.In this paper, We made a detailed analysis and comparison for the existing intrusion detection and intrusion detection model, summed up the limitations of existing models, and pointed out the shortcomings of existing intrusion detection technology. So we proposed a hybrid intrusion detection model that combines two kinds of intrusion detection technology, and the model was demonstrated by experimental analysis. In the end, we compared and analyzed the experimental results with the single detection model.For the data acquisition module in the hybrid model, this paper described and analyzed the principles of mainstream attacks behavior, and extracted a new more suitable network feature set to describe the behavior of the attacks. Then we write code to extract the relevant data sets, and compared and analyzed the extracted data sets and the feature sets commonly used in the experimental.For the data mining technology in the model, the paper focused on the study of the typical decision tree algorithm in the intrusion detection system, and analyzed the shortcomings of the decision tree by analyzing actual situation in the intrusion detection environment. So we proposed a improved strategies, and compared the experimental results of the improved algorithm with other algorithms.Finally, by the whole experimental verification and analysis and the indicators of intrusion detection system, the paper given the relevant conclusions.The hybrid intrusion detection model based on data mining could improve the detection efficiency of intrusion detection systems, and the detection rate, false alarm rate, accuracy and other aspects of the system were increased. This paper reaches the initial design goals... |
PDF Full Text Request