Author(s)

Wei Wang, Cheng Yin

Corresponding Author

Wei Wang

Abstract

With the progress of network, the importance of security is become more and more obvious, the traditional security device firewall has difficult in protecting network security alone. However, current intrusion detection systems lack effectiveness, adaptability and extensibility, and especially, they become ineffective in the face of detecting new kind of attacks, and it already can't adapt to the trend of endless new attacks and increasing data quantity. In this paper, firstly, intrusion detection and data mining techniques are studied. By studying and analyzing the flaws of traditional IDS. Secondly, the course of data mining and the traditional intrusion detection are integrated to design an intrusion detection system based on the data mining technology. It designs the modules function of the system. The models design the rules database and the much emphasis is put on the design of the cluster analysis module and anomaly detector. Finally, it develops the Apriori and Ripper processes, which are combined in IDS by analysis of data mining technology and its specialties.

Keywords

Intrusion Detection, Data Mining, Cluster Analysis, Apriori, Ripper