Summary: | 碩士 === 國立交通大學 === 管理學院碩士在職專班資訊管理組 === 98 === The fast development and wide spread use of Internet has indeed brought the benefit and competitiveness for the enterprise: However, the complicated web may result in several vulnerabilities and risks which may jeopardize the host system. Therefore, the Intrusion Detection System has been a widely discussed and studied subject for Internet security. Moreover, the importance of the Internet security cannot be underestimated by most enterprises gradually.
In this study, we adopt data mining technology to construct a hybrid intrusion detection system base on the misuse detection and anomaly detection. For the misuse detection, we adopt the classification rule of decision tree to classify the identified Internet attacks. For the
anomaly detection, we take k-means combined with the judgment of critical values to detect the unknown Internet attacks. The experiment proves that the accuracy rate of classification of the proposed misuse detection system can reach up to 92% and is 85% higher one of than the artificial neural. The judgment combined with the critical value can also determine a brand new Internet behavior correctly in the anomaly detection system.
|