Application Of Data Mining In Intrusion Detection System

With the rapid development of Internet,people pay more and more attentions on the internet security problems.In order to ensure the security of network communication,having an Intrusion Detection System(IDS)with excellent intrusion detection capability is essential.IDS with the ability of monitor network data transmission,can detect suspicious network behavior in time,and take active measures to prevent the further development of intrusion behavior.The arrival of the era of big data,makes IDS powerless in the face of massive security data,and the traditional security detection,based on the rules often lead to a large number of false negatives;with the diversified development of network attacks,the emergence of large-scale distributed attacks also allow partial IDS helpless.Therefore,in the context of such a network security,how to improve the detection rate of IDS,reduce the false alarm rate and improve the generalization ability is an important research topic in the field of network security.Modern IDS includes two problems,one is the huge network data flow leads to the detection rate is relatively slow;the other is generalization ability is not good enough,the changeable network environment makes the IDS can not accurately identify the unknown attacks.More and more researchers of network security,trying to establish IDS by using data mining algorithm,using the large data analysis ability of data mining algorithm can ensure the accuracy of detection,and enhance detection rate at the same time.A series of research results prove that the IDS based on the data mining method,having better data analysis capabilities,and can effectively improve the intrusion detection capabilities.This paper first introduces the IDS and the commonly used data mining methods,and then explores the specific application of data mining in IDS for the relevant network security issues,this paper mainly includes the following three aspects:(1)In this paper,a method of data dimension reduction based on spatial correlation is proposed,which completes the transformation from high dimensional space to low dimensional space,and IDS model is built to compare the difference between the dimension reduction data and non dimension reduction data.The experimental results show that the data reduction method based on spatial correlation can ensure the accuracy of the model,at thesame time,relieve the computational pressure of IDS when facing the big data security,and improve the performance of IDS detection.(2)An algorithm for computing the similarity of URL is proposed,this algorithm can detect illegal phishing sites on the internet.The experimental results show that the algorithm can detect the legitimacy of the new Internet URL,can identify a large number of illegal sites,including phishing sites.(3)Research on the application of data mining method in automatic verification of login page,through the use of machine learning algorithms,quickly determine which URL is the site login page,then we can determine whether the presence of violence or sabotage can bypass the login and other security problems.