ADMIDS: A new type of IDS based on agent data-mining
Cited by: 0
Authors:
Lee, Y [1]
Wang, W [1]
Luo, JZ [1]
Affiliation:
[1] SE Univ, Dept Comp Sci & Engn, Nanjing 210096, Jiangsu, Peoples R China
Source:
PROGRESS IN SAFETY SCIENCE AND TECHNOLOGY, VOL III, PTS A AND B | 2002 / Vol. 3
Keywords:
IDS; agent; data mining; security
DOI: Not available
Chinese Library Classification: T [Industrial Technology]
Discipline classification code: 08
Abstract:
As an important security inspection approach for computer systems, the Intrusion Detection System (IDS) has become an indispensable technology for maintaining network security. This paper puts forward a new type of intrusion detection system prototype based on Agent data-mining. This system applies an agent-based distributed data collection mechanism, uses a data-mining technique to perform a preparatory data purge on the original audit records, and then processes the sequent flaw data units with the STAT (State Transition Analysis Tool) tool. Compared with traditional IDSs, ADMIDS effectively promotes the capability and precision of intrusion detection and possesses fine expansibility and robustness. Thus, it is fit to be deployed in a large heterogeneous network.