17-03-2014, 09:33 PM
Abstract-Internet technology has developed rapidly and both
software system and hardware equipment have improved
greatly in recent years. However, internet brings people not
only convenience but also great potential threats. Facts show
that potential safety hazards exist from the emergence of
internet. As a kind of effective information security safeguard
measure, intrusion detection makes up for the defects of
traditional security protection techniques. As a kind of
effective data analysis method, data mining is introduced into
intrusion detection systems. This paper puts forward the idea
of applying data mining technology to intrusion detection
systems and then designs data preprocessing module,
association analysis module and cluster module respectively.
INTRODUCTION
Data mmmg can find potential and useful knowledge
from a mass of data. The advantages of applying data mining
to an intrusion detection system lie in that the system can
produce an accurate detection model from a mass of audit
data automatically to reduce artificial intervention and it can
be used to construct an intrusion detection system in various
computing environments because of mechanical ness and
universality of mining process itself. In recent years, the
rapid development of data mining technology has got a large
quantity of algorithms from the fields, such as statistics,
pattern recognition, machine learning and database, etc, and
some algorithms are particularly useful for intrusion
detection, such as classification analysis, cluster analysis,
association rule analysis and sequential pattern analysis, etc,
the previous studies show that applying these technologies to
intrusion detection is feasible and effective.