入侵检测中攻击模式的挖掘
Intrusion Patterns Mining in IDS
Abstract (translated): Data mining methods can process huge volumes of audit log data and extract intrusion patterns more quickly. The two core algorithms used to extract network intrusion patterns are the association rules algorithm and the sequential rules algorithm. They are used to extract feature patterns within each connection record and across records. Building on the original algorithms, we use a bit vector to mark frequent itemsets, which achieves a better balance between time and space.

Abstract: Data mining techniques are used to deal with the huge amount of information in log audit data and to detect network intrusion patterns. The key idea is to discover useful patterns that describe user behavior by utilizing two general mining algorithms: the association rules algorithm and the frequent episodes algorithm. They can be used to compute intra-audit-record and inter-audit-record patterns. To meet the challenges of high speed and efficient mining, we amend the algorithms to reach a good balance between time and space by using a bit vector indicating the frequent items.
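The intra-record half of the approach, as an added illustration that is not the paper's own code: each attribute=value item of a connection record is represented by a bit vector over the records, so support is a popcount and the support of a candidate itemset is a single AND of two vectors. The connection records, attribute names and thresholds below are constructed for the example; the frequent-episode (inter-record) algorithm is not covered.

```python
from itertools import combinations

# Constructed sample connection records (not from the paper): each record is
# the set of attribute=value items describing one audited connection.
RECORDS = [
    {"service=http", "flag=SF", "dst_host=web1"},
    {"service=http", "flag=SF", "dst_host=web1"},
    {"service=http", "flag=S0", "dst_host=web1"},
    {"service=smtp", "flag=SF", "dst_host=mail1"},
    {"service=http", "flag=S0", "dst_host=web1"},
    {"service=ftp", "flag=SF", "dst_host=web1"},
]

def item_bitmaps(records):
    """Vertical layout: one integer per item, bit i set when record i contains the item."""
    bits = {}
    for i, rec in enumerate(records):
        for item in rec:
            bits[item] = bits.get(item, 0) | (1 << i)
    return bits

def frequent_itemsets(records, min_support):
    """Level-wise (Apriori-style) search; returns {frozenset(items): record count}.
    Every itemset carries its bit vector, so joining two k-itemsets costs one AND
    and the support check is a popcount rather than a pass over the records."""
    n = len(records)
    bits = item_bitmaps(records)
    level = {frozenset([it]): v for it, v in bits.items()
             if bin(v).count("1") >= min_support * n}
    result = dict(level)
    k = 1
    while level:
        nxt = {}
        for a, b in combinations(sorted(level, key=lambda s: sorted(s)), 2):
            union = a | b
            if len(union) != k + 1 or union in nxt:
                continue                      # join only sets sharing k-1 items
            v = level[a] & level[b]           # records containing the whole union
            if bin(v).count("1") >= min_support * n:
                nxt[union] = v
        result.update(nxt)
        level, k = nxt, k + 1
    return {s: bin(v).count("1") for s, v in result.items()}

def association_rules(freq, n, min_confidence):
    """Rules lhs -> rhs as (lhs, rhs, support, confidence); subsets of a frequent
    itemset are frequent, so freq[lhs] always exists."""
    rules = []
    for itemset, count in freq.items():
        for r in range(1, len(itemset)):
            for lhs in combinations(sorted(itemset), r):
                lhs = frozenset(lhs)
                conf = count / freq[lhs]
                if conf >= min_confidence:
                    rules.append((lhs, itemset - lhs, count / n, conf))
    return rules
```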