Intrusion prevention in depth system research based on data mining

This paper proposes a data mining based intrusion prevention in depth system model to manage the huge amounts of unreliable and uncontrollable security events, which are generated by the extensive utilization of heterogeneous security devices in computer networks. A method of combining online detection and offline data mining is made use as the core of the model. In fact, the model is a united network security management platform used to analyze the network and host data from different layers: the kernel layer, the concentration layer and the access layer. Through improving the capture speed of network data package, the proposed model can evidently improve the efficiency of traditional IPS for detection network intrusion. This verity can be demonstrated by simulation and experiment results. Thus, the proposed intrusion prevention in depth system model can be used for defense in real-time and defense in depth.