Intrusion detection system based on new association rule mining model

Intrusion detection is a problem of great significance to protecting information systems security. Its techniques fail into two general categories: anomaly detection and misuse detection, which complement each other. This research focuses on anomaly detection techniques for intrusion detection. Presently; several approaches based on classical association rule mining have been proposed. for intrusion detection. Because two shortages existed in classical association rule mining problem, namely every itemset is treated equivalently and a uniform minimum support and minimum confidence is used as weighing standard, many rules and uninteresting rules will be generated that causes low effectiveness of intrusion detection. Based on new association rule mining model proposed by Li etc. (2002) that can solve the two shortages at the same time, a new intrusion detection system was proposed. Because the interest of item as a degree is used and the mining algorithm is based on FP-tree, our preliminary experiment results show that the proposed system is more robust and efficient than that based on APRIORI.