入侵检测是用于检测任何损害或企图损害系统的保密性、完整性或可用性行为的一种网络安全技术。指出当前入侵检测系统存在的问题,并针对现有入侵检测系统漏报、误报率高的问题,提出将数据挖掘技术应用于入侵检测系统。文中论述了常用的数据挖掘算法,提出一个基于数据挖掘技术入侵检测系统模型,描述了模型体系结构及主要功能。实验表明,该模型能提取特征,生成新规则,找到入侵数据,提高入侵检测系统的有效性。 Intrusion detection is a cyber-security technology used to detect any compromise or attempt to compromise the confidentiality, integrity, or usability of a system. The existing problems of intrusion detection system are pointed out. Aiming at the problem of omission and false positive rate of existing intrusion detection system, this paper proposes to apply data mining technology to intrusion detection system. This paper discusses the commonly used data mining algorithms, proposes a data mining based on intrusion detection system model, describes the model architecture and main functions. Experiments show that the model can extract features, generate new rules, find intrusion data and improve the effectiveness of intrusion detection system.