Abstract: Intrusion detection system is the most important security technology in computer network, currently clustering and classification of data mining technology are often used to build detection model. However, different classification and clustering device has its own advantages and disadvantages and the testing result of detection model is not ideal. Cloud Computing, which can integrate multiple inexpensive computing nodes into a distributed system with a strong computing power, can quickly process massive data. Hadoop is the most widely used cloud computing platform. Currently, cloud-based intrusion detection system has become the new direction, but the study of effective IDS based hadoop is still scarce. This paper presents an intrusion detection system model with feature multi-classification fusion based on hadoop, which combined with K-means clustering and 1V1-SVM multi-classification method, using Map to form a new <Key, value>according to the classification center, to form a new classification, then to re-form a new detection model by removing the repeated value. The testing results of large amounts of data for the MIT Laboratory KDDCUP99 Experimental show that the fused classifier has more accuracy than mere classifier.