【作者】 孙怿昉；

【导师】 陈玉华；

【作者基本信息】 大连海事大学 ， 计算机应用技术， 2008， 硕士

【摘要】 随着社会信息化程度的不断提高,人类社会对计算机网络的依赖程度也越来越高。与此同时计算机网络本身具有的开放性、共享性等特点所带来的网络安全问题也日渐突出。如何能保证庞大的网络正常、安全、高效、平稳的运转成为当务之急。入侵检测技术应运而生,它是继防火墙、数据加密技术等传统安全技术后的又一种全新的网络安全保障技术。与以往被动激发的安全技术不同,入侵检测技术是一种主动检测的安全技术,是对传统防火墙等技术的必要补充,入侵检测技术的应用将大大提高网络安全防范能力。本文针对基于数据挖掘的入侵检测技术展开研究。文章详细介绍了入侵检测技术和数据挖掘技术的基本原理,深入分析了普遍应用于入侵检测系统中的数据挖掘算法。其中主要对Apriori算法进行了重点分析和研究,从提高检测算法对入侵识别的有效性和降低误报、漏报率出发,对传统Apriori算法提出了改进,并通过实验证明了其合理性。改进后的算法排除了一些无意义的规则对结果的影响,提高了系统效率,使其更适用于入侵检测系统。文章最后提出了一个基于改进算法的入侵检测模型,并分析和阐述了其工作原理。更多还原

【Abstract】 With the continuous development of the information society , the human society has become increasingly dependent on computer network. At the same time, the computer network security issues are increasingly prominent, which is caused by the open and shared characteristics of network itself.The issue how we can ensure the huge network operates in normal, safe, efficient and smooth way has become a top priority. Intrusion Detection Technology comes into being, which is a new network security technology after the traditional security technology of the firewall and data encryption technology. Intrusion Detection Technology is a pro-active detection of security technology and different to the past passive safety technology, which is a necessary complement to the traditional technology of firewall. Intrusion detection technology applications will greatly enhance the security of the network.This paper aims at the Intrusion Detection Technology based on data mining. The paper describes the basic principles of the intrusion detection and data mining techniques and analysis the main data mining algorithms which is used in the intrusion detection system.The data mining algorithm of Apriori is the main part we discussed in the paper. We improve the traditional Apriori algorithm. We focus on the detection efficiency and two indicators of misrepresentation and omission factor to improve the effectiveness of the invasion identify.Excluding some frivolous rules that have little impact on the outcome to raise the efficiency of the system and that makes it more applicable to intrusion detection systems. The effectiveness is proved by the experiment in the paper. At the end of the paper, we proposed an intrusion detection model based on the improved algorithm .illustrate and analyze the principle of work.更多还原