| Compared with IPv4, IPv6has better security, but because the IP Sec key management and the defects of IPv6to application layer above the network security powerless and other reasons, making IPv6network still need to intrusion detection system and firewall network security equipment to build common network security architecture. At the same time, because of the intrusion detection based on data mining system have good self learning ability has attracted a lot of attention. Therefore, in this paper, based on data mining in IPv6network intrusion detection system were studied.First of all, based on the analysis of the current situation of network security, this paper puts forward at the same time can be applied to IPv4and IPv6network based on data mining technology of the intrusion detection scheme. In this scheme, at the same time how to IPv4data with IPv6data detection, how to improve the detection accuracy and efficiency, is the main problem in this paper. In the light of these problems, this paper make the following several aspects work:(1) Through the open source to Snort intrusion detection system data sniffer module transformation, the network of IPv4data and IPv6data standardization, so that the system can be also applied to IPv4and IPv6network.(2) Through the improvement K-means clustering algorithm will standardization of network data clustering, the amount of normal user data filtering, to reduce the detection process needs than the number of data, so as to improve the efficiency of the intrusion detection.(3) By using Apriori association rule algorithm to dig down deep intrusion data association rules, and will get association rules in rule base, in order to make the system have the self learning ability, improve the accuracy of intrusion detection. |
PDF Full Text Request