| With the rapid development of Internet technology, a new technology- cloud computing technology has been widely used in various fields. Cloud computing is a succession of parallel computing, distributed computing and grid computing breakthrough after another in the new technology. Cloud computing is essentially related resources polymerization, which including servers, networking, computing, storage, applications and software, forming a huge virtual resource pools, remote users access to the resource pool on-demand through the Internet to obtain various services. Visible, the advent of cloud computing has provided users with a lot of convenience. However, as cloud computing continues to develop, security problems frequently exposed, has become the focus of public attention. Due to a variety of different means of invasion, they will face diverse intrusion. Thus, the traditional security technology is not able to effectively protect its security. It is crucial to establish an impactful intrusion detection strategy to protect the security of cloud computing in the cloud environment.This paper focuses on the research of intrusion detection technology, mainly to solve malicious conduct data theft, tampering, hacking and other cloud present in the environment, which aims to intercept all kinds of attacks. Firstly, various types of threats the cloud computing facing are introduced, research status on the intrusion detection technology and cloud computing Status Intrusion Detection Environment will be shown.Secondly, it analyzes the two technologies of intrusion detection: misuse detection and anomaly detection technology concept, advantages and disadvantages of their presence, highlighting several methods related to detection technology, and leads to the anomaly detection algorithm based on data mining. According to the characteristics of the both, this paper uses the combination of the two technologies, the process is judged first by the behavior of misuse detection unit decision, for the controversial behavior delivered in anomaly detection unit to deal with, via recording and updating the attacks that recognize by the abnormality detection module, so as to avoid such an act the next time to perform redundant judgment process, and meanwhile to better ensure the validity of the test.Once more, elaborating the algorithm ideas of decision tree which is an intrusion detection method based on data mining, and giving detailed steps to construct a decision tree. The core of this paper is to improve the insufficient of the decision tree algorithm, and proposes an intrusion detection algorithm based on the combination of independent test and information gain based on the correlation coefficient of the decision tree. This algorithm makes the construction of the tree more perfect, not only can detect known attacks effectively, but also can make an accurate judgment on the unknown attacks; the results also provide a basis for the update library. Summarize the unknown attack behavior and timely update and improve the information of the intrusion signature database with misuse detection unit, and effectively improve the efficiency of intrusion detection.Finally, the thesis make a proof and summary of the improved algorithm and the original algorithm,and look forward to the prospects of the need solved problems in future research. |
PDF Full Text Request