Research Of Intrusion Detection Method Based On Data Mining

With the rapid development of information and communication technology,people pay more and more attention to network information security,because any network intrusion or attack behavior may cause serious losses.At present,the main protection measures of network security include data encryption,firewall technology and intrusion detection technology,among which intrusion detection technology can not only resist the external attack behavior,but also identify the abnormal access or attack behavior of the internal network.Data mining technology plays a key role in the discovery of valuable information because a large amount of data will be generated in the process of network operation.Therefore,the application of data mining technology to intrusion detection has incomparable advantages.Aiming at the problems of low detection rate,high false alarm rate and missing alarm rate in traditional intrusion detection methods,an integrated intrusion detection method based on fuzzy c-means and support vector machine is proposed in the thesis.Specific research contents and innovations are as follows:(1)the thesis focuses on the principle of fuzzy c-means algorithm.In order to solve the problem that the fuzzy c-means algorithm is prone to fall into the local optimal solution and does not take into account the difference in the importance degree of features,the information gain ratio is used as the discriminant index of the importance degree of features,and is incorporated into the Euclidean distance formula.At the same time,the density method is used to select the initial clustering center to prevent the algorithm from falling into the local optimal solution.Finally,two different data sets are used to verify the improved fuzzy c-means algorithm.Experiments show that compared with the traditional fuzzy c-means algorithm,the improved algorithm can achieve better clustering effect,reduce entropy and be suitable for high-dimensional dataset.(2)the thesis proposes an integrated intrusion detection method based on the integration of fuzzy c-means and support vector machine.The method uses the improved fuzzy c-means algorithm to construct the high quality of small training dataset,this can significantly reduce the time needed for training and improve the performance of the classifier,and then use support vector machine classification algorithm to train more to get the best model,and the concentration of the test data to predict the type of attack and assess the performance of the method.In the thesis,the nsl-kdd dataset is used for the experiment.The experimental results show that the intrusion detection method proposed in the thesis can accurately detect all kinds of attack behaviors and reduce the false alarm rate and missing alarm rate.