Abstract: This paper proposes a database intrusion detection system based on data mining. An improved Apriori _ids algorithm is adopted by the system which can get the set of frequent item sets by scanning database one time easily. The system has such a fine-grained detection which can examine malicious database operations and the users’ abnormal behavior at transaction level. Experimental results show the system improves the production efficiency of frequent item sets and the knowledge regular library.

Key words: data mining, intrusion detection, association rules

摘要： 提出基于数据挖掘技术的数据库入侵检测系统，采用改进的Apriori_ids算法挖掘行为模式，经过1次扫描数据库即可生成频繁项集。系统具有较细的检测粒度，可在事务级别上检测用户的恶意操作或异常行为。实验结果表明，该系统使频繁项目集的生成效率得到提高，数据库入侵检测系统知识规则库的生成效率得到改善。

关键词: 数据挖掘, 入侵检测, 关联规则

CLC Number: 

• TP309