Research of the Intrusion Detection Model Based on Data Mining
The paper presents a new intrusion detection model combining misuse detection and anomaly defection mode, and makes a research into the key technology of the model based on data mining theory. In the model, the association rules data mining algorithm is applied to establish abnormal behavior rule set for misuse detection to detect known intrusion rapidly. And the minimum dissimilarity clustering analysis algorithm is used to establish normal behavior rule set for anomaly detection to detect new unknown intrusion. Research of the model of intrusion detection based on data mining is made on KDD99 dataset. The experiment shows that the new model can improve true positives, decrease false positives and detect new intrusions.
intrusion detection model association rules clustering analysis misuse detection anomaly detection
Mei Jiang Xindan Gan Chaofeng Wang Zhuo Wang
School of Computer Engineering, Qingdao Technological University Qingdao, China Global InfoTech Co..Ltd. Beijing, China
国际会议
成都
英文
1461-1465
2010-12-17(万方平台首次上网日期,不代表论文的发表时间)