| With the rapid development of information technology, computer network has gradually penetrated into every corner of modern society, and its security has become a vital problem. The technology of intelligent intrusion detection, which is of many advantages like high intelligence, adaptability and real-time, has become a focus in network security.The advantages and disadvantages of the popular network security technology are analyzed in this thesis. Moreover network-based intrusion detection technology is explored and an intellectualized network intrusion detection model based on network traffic is designed and implemented. The model consists of two modules: traffic detection, abnormal analyzing.The improved BP algorithm is adopted in the traffic detection module. By the means of generation function, input and output data are trained and weight values are adjusted through learning in order to implement the mapping relationship between input and output data, thus anomaly can be detected.Association pattern algorithm works in the abnormal analyzing module. When the traffic anomaly is detected in the previous module, the analyzing module will record all the data packages in a specified time according to the subnet address and port, and mine frequency sequences by the use of association pattern algorithm. How to use CLOSET arithmetic mine frequent patterns of anomaly network traffic is described in detail, the experimental results indicate that this algorithm is efficient enough to meet the needs of active detect novel intrusion. Compared with most existing system using purely knowledge engineering approaches, the algorithm is more intelligent and adaptive.With the cooperation of two modules, the Intellectualized Network Intrusion... |
PDF Full Text Request