An intrusion detection algorithm based on data streams mining and cognitive computing
Journal of Ambient Intelligence and Humanized Computing (IF 3.662), Pub Date: 2020-09-16, DOI: 10.1007/s12652-020-02543-5
Jianxin Li, Wenliang Cao, Jinyu Huang

With the emergence of large-volume and high-speed streaming data, traditional techniques for mining closed frequent itemsets have become inefficient. Online mining of closed frequent itemsets over streaming data is one of the most important issues in data stream mining. In view of the low efficiency of traditional closed frequent item data mining, a combined data structure based on the principle of cognitive computing is proposed, that is, combining the effective bit first with the extended dictionary frequent item list to form a mixed data structure that can identify the closed frequent information in data streams. At the same time, a variety of pruning strategies based on cognitive computing are proposed to avoid the generation of a large number of intermediate itemsets and to remove the non-closed frequent itemsets from the Hash Table of Closed Itemsets (CIHT). The Closed Frequent Itemset Deletion and Search Strategy (CFIDWSS) is used to effectively add or remove closed frequent itemsets, so as to greatly reduce the search space and improve the user response speed. The proposed algorithm solves the problem of low efficiency in mining closed frequent items from data streams. On the basis of the above algorithms, this paper proposes a new intrusion detection model. By mining the normal or abnormal patterns of data stream information, a corresponding database of network access patterns is established. The database is then used to detect intrusions online in real time and to improve the detection accuracy of the system. Theoretical and experimental results show that the proposed algorithm and intrusion detection system have good performance.




Updated: 2020-09-16