Dissertation > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > Computer applications > Computer network > General issues > Computer Network Security

Research and Implementation of Intrusion Detection System Based on Clustering and Association

Author LiJian
Tutor LiJun
School Nanjing University of Aeronautics and Astronautics
Course Applied Computer Technology
Keywords Network Seurity Intrusion Detection Data Mining Cluster Analysis AssociationAnalysis Aximum Frequent Itemsets
CLC TP393.08
Type Master's thesis
Year 2012
Downloads 34
Quotes 0
Download Dissertation

With the popularity of computer network technology,network security problem has becomeincreasingly severe,which attracts people’s much attention. As a widely used technology,which candiscover the pattern of hacker’s intrusion in real-time,intrusion detection has been one of theimportant approaches ensuring the network security.And it is quite helpful to find the root causeefficiently and discover novel and meaningful alerts by means of applying data mining to the field ofintrusion detection system.Firstly, this paper summarizes the research background,development history,the IDS’ concept,principles as well as classifications and compares different intrusion detection methods.This paperalso points out the problems existed in IDS and the development trend of intrusion detectiontechnology.Then,this paper focuses on researching applying the rule of cluster and association to mine datain intrusion detection field. In clustering field of data mining, as the k-menas algorithm is susceptibleto be affected by the noise points and outliers, which leads to the results such that the algorithm isunable to determine k value and heavily depends on the initial centroid.In order to overcome thesedisadvantages, we put forward an improved k-means clustering algorithm. In the area of mining withassociation rule,because Apriori algorithm scans transaction database so many times, it can not bedirectly used for mining association rules in relational database.With each attribute having the samedegree of support, we propose to find all frequent itemsets based on maximal frequent itemsets andfurthermore we put forward an improved algorithm for association rules.Finally, we built an intrusion detection system based on cluster and association. We alsodesigned some modules such as data acquisition module, data training module, preprocessing module,cluster analysis module, association analysis module, detection module along with alarm module andrealized them respectively. We made experiments with the popular official data sets and analyzed theresults.Finally,we compared the result with the reality and we obtained the ideal effect.

Related Dissertations
More Dissertations