Research And Application Of Intrusion Detection System Based On Data Stream Mining

In the era of big data,with the increase of data explosion,data security incidents occur frequently in recent years.In the face of the current diversified network attacks,data mining-based intrusion detection technology has become one of the important means of network security protection.In order to solve the data security problem in the network,this paper designs an intrusion detection system based on data stream mining.Firstly,the advantages and disadvantages of current data stream clustering algorithms are analyzed.In the traditional segmented data stream clustering algorithm,the inaccuracy of micro-cluster threshold radius T in the online part as well as the oversimplifying of the dealing process with the micro-cluster by the offline part leads to a low clustering quality.In order to break through such limitation,a data stream clustering algorithm on the basis of artificial bee colony optimization for offline part processing is proposed based on the existing dynamic sliding window model.This algorithm consists of two parts:(1)The online part dynamically adjusts the size of the window and improves the value of the micro-cluster threshold radius T according to the length of time that the data stays in the window so as to get micro clustering step by step.(2)The offline part uses the improved bee colony algorithm to continuously adjust dynamically to find the optimal clustering result.The experimental results show that this algorithm not only bears a high clustering quality,but also has fairly good ductility and stability.Secondly,an intrusion detection system for data stream mining is designed.The system is mainly divided into two parts: cluster analysis and detection analysis.The cluster analysis part includes: data acquisition module,data preprocessing module,and data stream clustering processing module.The detection analysis includes: classification module and data detection module.The data preprocessing module and the classification module are the core of the intrusion detection system.The data preprocessing module performs discrete attribute digitization and continuous attribute normalization processing on the data information.In the classification module,the result of data stream clustering is divided into a normal cluster set and an abnormal cluster set according to the rule of a normal data ratio threshold in the cluster.The minimum error rate Bayes classifier is then used to classify and detect the data.Finally,the experimental analysis shows that the false alarm rate and detection rate of IDS are better than M-stream IDS and BDClustream IDS.It proves that IDS has good detection performance in this paper.