Abstract: Based on the characteristics of audit log records, this paper proposes an efficient incremental association rule mining algorithm built on an information collecting matrix. The algorithm solves the problem of updating the association rules when the minimum support changes or when the audit data is dynamically updated with new transactions. It improves the efficiency of association rule mining over audit log databases, is better suited to intrusion detection systems, and can largely meet the needs of real-time intrusion detection systems.

Key words: Intrusion detection; Association rule mining; Information collecting matrix; Association vector