Research on Intrusion Data Mining Algorithm Based on Multiple Minimum Support
Abstract : The traditional single minimum support data mining algorithm has some problems, such as too much space occupied by data, resulting in insufficient accuracy of the algorithm, which is difficult to meet the needs of the development of the times. Therefore, an intrusion data mining algorithm based on multiple minimum support is proposed. First, the feature parameters of frequent item sets of intrusion data areextracted, and the sequence item sets are divided according to the feature parameters. Then, the data mining features are transformed with the equivalent binary data transformation method, and the multi-support tree structure is optimized according to the data processing results.Data classification mining is carried out with the data tree structure information, and the intrusion data features are deeply mined. Finally, the research of the intrusion data mining algorithm based on the multi-minimum support is completed. Through comparative experiments, it is proved that the accuracy of the intrusion data mining algorithm based on multiple minimum support is 35 % - 75 % higher than that of the traditional single minimum support data mining algorithm.
? The development of IDS is motivated by the following factors: Most existing systems have security was that render them susceptible to intrusions, and finding and fixing all these deficiencies are not feasible.
? Prevention techniques cannot be sufficient. It is almost impossible to have an absolutely secure system.
? Even the most secure systems are vulnerable to insider attacks.
? Data mining overlaps with many diciplines like statistics, Machine learning, information retrieval, distributed computing.
? The functional categories of data mining technology, discusses the problems existing in intrusion detection system, establishes an intrusion detection system model based on data mining technology, and introduces the technical principle of the system model and the latest development of data mining technology.
? In order to effectively solve the problems of frequent prefixes and poor accuracy of calculation results in intrusion data mining operations, and achieve the research goal of improving mining performance and saving more time and space resources.
? A Network attack or Security or Security incident is defined as a threat, intrusion, and denial of service or other attack on a network infrastructure that will analyze your network and gain information eventually and cause your network to crash or to become corrupted. There are at least seven types of network attacks
? Data mining look for hidden patterns and trends in data warehouse that is not immediately apparent from summarizing the data, and there is no query involved but use the concept interestingness criteria specification of data such as Frequency,Rarity,Correlation, Length of occurrence, Consistency, Repeating/ periodicity,abnormal behaviour, and other patters of interestingness
? The algorithm is based on rough set theory and Bayesian theory, uses the subtraction algorithm based on rough set theory to reduce the attributes of network data, and uses weighted average single correlation estimation to classify the data.
? In order to effectively solve the problems of frequent prefixes and poor accuracy of calculation results in intrusion data mining operations, and achieve the research goal of improving mining performance and saving more time and space resources.
|