The Application Of Data Mining In Intrusion Detection Based On The Clementine

With the rapid development and application popularization of computer network technology,in the technology of defending network intrusion,the technology of intrusion detection plays an important role in the security of network.It is a kind of dynamic strategy which can cooperate with the firewall in real time monitoring and dynamic protection network security.The merits of the intrusion detection model depends on the intrusion analysis module which depends on the detection rate and the performance of intrusion detection data in real time,so the intrusion detection model is judged by the detection rate and efficiency.In order to improve the detection rate and efficiency of anomaly detection system,the intrusion detection researchers has done related work in many ways and made some achievements.So far,there is not a unified theory in the field of intrusion detection.The research purpose of this article is to seek a relatively superior method and theory.Intrusion detection dataset is typically large data sets.When dealing with the classification and prediction of big data,data mining is the most effective method.The common methods of using data mining to analyze data are artificial neural network,decision tree,statistical analysis,etc.This paper mainly studied the application of several data mining methods in intrusion detection system based on the Clementine,and related work is as follows:1.Analyze the method and principle of three kinds of decision tree theory,i.e.,C&R,C5.0,CHAID;study two kinds of principle of artificial neural network theory and their respective advantages and disadvantages,i.e.,BP(Error Back Propagation)and RBF(Radical Basis Function);Analyze and count the theory of the Logistic regression analysis method.2.Familiar with clementine data mining software,be able to build all kinds of classification forecast model by Clementine software,and optimizing the model by setting up and adjusting parameters.3.Import pretreatment KDDCUP '99 intrusion detection data sets into all kinds of data mining methods,establish the corresponding simulation model,analyze of experimental results and give the optimal method of data mining.Model results:Based on all kinds of classification and predictive model detection rate of the comparative analysis,in multi-class classification testing,artificial neural network model is better than that of Logistic regression analysis model;When two-class classification testing,the C5.0 decision tree model is better than that of artificial neural network model.So when two-class detection data is to use C5.0 decision tree model,and multi-class intrusion data segment specific invasion types,using artificial neural network model.