Network Intrusion Detection Based on Behavior Patterns Mining
Yang Xiangrong, Song Qinbao, Shen Junyi
(School of Electronics and Information Engineering, Xi'an Jiaotong University, Xi'an 710049, China)
Abstract: An efficient data-mining-based method for detecting network intrusions is presented. In this method, users' behavior patterns are mined from IP packets and used to build a base of user behavior rules automatically. By comparing similarity, the method can detect both known and unknown network attacks in real time. The user behavior pattern mining algorithm IDSPADE, the most important part of DMIDS, is described in detail. The experimental results indicate that the algorithm is efficient enough to meet the needs of actively detecting novel intrusions. Compared with most existing systems, which use pure knowledge-engineering approaches, the algorithm is more intelligent and adaptive.
Keywords: network intrusion detection; behavior patterns mining; computer information security