Computer Engineering and Applications ›› 2008, Vol. 44 ›› Issue (14): 134-137.

• 网络、通信、安全 • Previous Articles     Next Articles

Design and implementation of network intrusion detection system based on data mining

JIA Shi-guo,ZHANG Chang-cheng   

  1. Huawen College,Jinan University,Guangzhou 510610,China
  • Received:2007-12-04 Revised:2008-03-06 Online:2008-05-11 Published:2008-05-11
  • Contact: JIA Shi-guo



  1. 暨南大学 华文学院,广州 510610
  • 通讯作者: 贾世国

Abstract: The article designs an intrusion detection system model based on data mining technique.The model based on the Snort intrusion detection system utilizes data mining technique to add clustering analysis module,anomaly detection engine and correlation analyzer.The system can not only effectively detect new invasion,but also promote detective speed.So it can solve a problem that general network detect system does nothing to new invasion as well as meet the real-time demand.

Key words: intrusion detection, data mining, Snort

摘要: 设计了一个基于数据挖掘技术的网络入侵检测系统模型。该模型在Snort入侵检测系统的基础上,利用数据挖掘技术增加了聚类分析模块、异常检测引擎和关联分析器。该系统不仅能够有效地检测到新的入侵行为,而且能提升检测的速度,在达到实时性要求的同时,解决了一般网络入侵检测系统对新的入侵行为无能为力的问题。

关键词: 入侵检测, 数据挖掘, Snort