Data mining module, finding frequent network-itemsets

zaccone

Abstract

This project aims to apply data mining techniques to find interesting information in the connections logged by dionaea. It can help discover distributed network attacks, penetrations, port scans (even those carried out very slowly) and unusually high numbers of connections from or to single resources (addresses, ports and so on). Data mining techniques help filter interesting information from large volumes of data, and combining network security with data mining may bring new tools for threat analysis.
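The idea above, sketched as an added example (not the project's own code): a small Apriori miner that finds frequent itemsets in connection records and ignores timestamps, so a scan spread over days is counted like a fast one. The field names, the constructed sample records and the support threshold of 5 are assumptions made for illustration.

```python
from collections import Counter
from itertools import combinations

FIELDS = ("remote_host", "local_port", "transport")  # assumed field names

def sample_connections():
    """Constructed records, not real dionaea output."""
    rows = []
    # One source probing one port per day: a very slow scan.
    for day, port in enumerate([21, 22, 23, 80, 135, 445, 1433, 3306]):
        rows.append({"ts": day * 86400, "remote_host": "198.51.100.7",
                     "local_port": port, "transport": "tcp"})
    # Six sources hitting the same service: a distributed pattern.
    for i in range(1, 7):
        rows.append({"ts": 600 * i, "remote_host": f"203.0.113.{i}",
                     "local_port": 445, "transport": "tcp"})
    # Background noise.
    rows.append({"ts": 50, "remote_host": "192.0.2.50", "local_port": 80, "transport": "tcp"})
    rows.append({"ts": 90, "remote_host": "192.0.2.51", "local_port": 5060, "transport": "udp"})
    return rows

def frequent_itemsets(rows, fields, min_support):
    """Apriori: return {itemset: support} for itemsets seen in >= min_support rows."""
    # Timestamps are deliberately left out, so slow activity counts like fast activity.
    transactions = [frozenset((f, r[f]) for f in fields) for r in rows]
    candidates = {frozenset([item]) for t in transactions for item in t}
    result, k = {}, 1
    while candidates:
        counts = Counter(c for t in transactions for c in candidates if c <= t)
        level = {c: n for c, n in counts.items() if n >= min_support}
        result.update(level)
        k += 1
        # Join frequent (k-1)-sets, then prune any candidate with an infrequent subset.
        joined = {a | b for a in level for b in level if len(a | b) == k}
        candidates = {c for c in joined
                      if all(frozenset(s) in level for s in combinations(c, k - 1))}
    return result

def fan_out(rows, field, value, other):
    """Distinct values of `other` among rows where `field` == value."""
    return len({r[other] for r in rows if r[field] == value})

if __name__ == "__main__":
    rows = sample_connections()
    found = frequent_itemsets(rows, FIELDS, min_support=5)
    for itemset, support in sorted(found.items(), key=lambda kv: -kv[1]):
        print(support, sorted(itemset, key=str))
    print("ports touched by 198.51.100.7:", fan_out(rows, "remote_host", "198.51.100.7", "local_port"))
    print("sources hitting port 445:", fan_out(rows, "local_port", 445, "remote_host"))
```

A frequent source address with a high port fan-out points to a scan, while a frequent local port with a high source fan-out points to a distributed pattern.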

Additional Information

The project will probably evolve a little, as a light framework for plugging in data mining algorithms will be built. More can be found on the Honeynet organisation's website.

Code samples