In recent years the tide of informatization has swept across the globe and the Internet has developed rapidly. A wide variety of online applications have penetrated every aspect of people's daily lives. As people use the network to exchange information, they also come to appreciate the importance of information security. In particular, network legislation is neither systematic nor timely enough, so problems such as information pollution, personal information leaks and even information crime emerge endlessly. As one of the main security technologies, intrusion detection is the second security gate behind the firewall, defending against network attacks actively and in real time.

In today's era of big data, every walk of life holds huge data sets at all times. Besides useful knowledge, data from network attacks and evidence of information crime are also hidden in them. Data mining is an analytical technique for discovering useful knowledge from data. This paper applies data mining technology to the intrusion detection system so that abnormal attack data can be detected even when the type of attack is unknown, allowing network security workers to gain the initiative in the fight against hackers. Outlier mining is a main branch of data mining. This paper draws on the progress of data mining applications in intrusion detection and on various outlier mining techniques and, building on the density-based local outlier detection algorithm, puts forward an optimal local outlier factor algorithm. The algorithm makes full use of the memory effect and narrows the range of neighborhood queries in density-based local outlier detection, which eliminates a large number of duplicate searches, reduces query time and improves query efficiency.

The intrusion detection data set KDD Cup99 is selected as the experimental data.
In the experiment, different attack types are extracted to form the training and test data sets, and the threshold and other parameters are trained so that intrusion data can be found through study and analysis. The experiments compare this algorithm with other classical algorithms in terms of detection rate, false detection rate, run time and so on, to verify the effectiveness of the algorithm. The experimental results show that the algorithm in this paper can accomplish the task of network anomaly detection with a high detection rate, a low false detection rate and less run time, can detect unknown intrusion data, and has a certain reliability and high efficiency. The research results of this paper have certain theoretical and practical application value for improving the efficiency of intrusion detection.
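
As an added illustration (not code from the paper), the sketch below implements the standard density-based local outlier factor and remembers each point's k-neighborhood so that repeated searches are avoided, which is the kind of reuse the abstract describes. The two features, the sample records, `k=3` and the threshold `1.5` are constructed assumptions, and the paper's own narrowing of the neighborhood query range is not reproduced here.

```python
import math

# Constructed sample: (duration_s, kilobytes_sent) per connection record.
# The last record is deliberately far from the rest.
POINTS = [(1.0, 2.0), (1.1, 2.1), (0.9, 1.9), (1.2, 2.0), (1.0, 2.2),
          (0.8, 2.1), (1.1, 1.8), (9.0, 40.0)]

class LOF:
    """Density-based local outlier factor with optional reuse of k-NN results."""

    def __init__(self, points, k, use_cache=True):
        self.points, self.k, self.use_cache = points, k, use_cache
        self._knn, self._lrd = {}, {}
        self.knn_searches = 0  # full neighbourhood scans actually performed

    def neighbours(self, i):
        """Return (k_distance, [(dist, index), ...]) for point i."""
        if self.use_cache and i in self._knn:
            return self._knn[i]
        self.knn_searches += 1
        d = sorted((math.dist(self.points[i], p), j)
                   for j, p in enumerate(self.points) if j != i)
        k_dist = d[self.k - 1][0]
        # Keep every point within the k-distance, so ties are included.
        self._knn[i] = (k_dist, [(dist, j) for dist, j in d if dist <= k_dist])
        return self._knn[i]

    def lrd(self, i):
        """Local reachability density: inverse mean reachability distance."""
        if self.use_cache and i in self._lrd:
            return self._lrd[i]
        nbrs = self.neighbours(i)[1]
        reach = sum(max(self.neighbours(j)[0], dist) for dist, j in nbrs)
        self._lrd[i] = len(nbrs) / reach if reach else math.inf
        return self._lrd[i]

    def lof(self, i):
        """Mean neighbour density divided by the point's own density."""
        nbrs = self.neighbours(i)[1]
        return sum(self.lrd(j) for _, j in nbrs) / (len(nbrs) * self.lrd(i))

def detect(points, k=3, threshold=1.5, use_cache=True):
    """Return (indices with LOF above threshold, number of k-NN scans)."""
    model = LOF(points, k, use_cache)
    flagged = [i for i in range(len(points)) if model.lof(i) > threshold]
    return flagged, model.knn_searches

if __name__ == "__main__":
    print("cached:  ", detect(POINTS))
    print("uncached:", detect(POINTS, use_cache=False))
```

With the cache enabled each point's neighborhood is scanned once; with it disabled the same scores are produced, but every reachability lookup repeats the scan.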