| 基于离群聚类的异常入侵检测研究 |
| |
| 引用本文: | 李志华,王士同. 基于离群聚类的异常入侵检测研究[J]. 系统工程与电子技术, 2009, 31(5): 1227-1230 |
| |
| 作者姓名: | 李志华 王士同 |
| |
| 作者单位: | 江南大学信息工程学院, 江苏, 无锡, 214122 |
| |
| 基金项目: | 江南大学青年预演科研基金 |
| |
| 摘 要: | 提出了一种离群聚类算法,并分析了算法抗例外点干扰的能力.离群数据是远离其它数据的数据,网络中异常入侵数据的实质就是离群数据,因为异常入侵记录往往呈现小样本和多变性的特点,并且偏离正常网络连接记录.通过定义新的异构样本的相异性度量方法,提出了一种基于离群聚类无监督学习的异常入侵检测方法.仿真实验表明了方法的有效性和实用性,在总检测率方面优于文献中已有的其它方法.
|
| 关 键 词: | 入侵检测 异构属性数据 离群聚类算法 |
| 收稿时间: | 2008-02-06 |
| 修稿时间: | 2008-09-08 |
Clustering with Outliers-based anomalous intrusion detection |
| |
| LI Zhi-hua,WANG Shi-tong. Clustering with Outliers-based anomalous intrusion detection[J]. System Engineering and Electronics, 2009, 31(5): 1227-1230 |
| |
| Authors: | LI Zhi-hua WANG Shi-tong |
| |
| Affiliation: | Shool of Information Technology, Jiangnan Univ., Wuxi 214122, China |
| |
| Abstract: | An algorithm of cluster with outliers(CO) is proposed and its insensitivity to outliers in real datasets is analyzed.Anomalous intrusion data often do appear far from the normal network connections,essentially,they are outliers.A CO-based unsupervised anomalous detection method with a new distance definition of heterogeneous dataset is presented.By training data without label,the parameters in CO algorithm are regarded as a classification model to predict which cluster the current data belong to.Its validity is also discussed.Experimental results on the dataset KDDCUP99 comparing with other methods demonstrate that the proposed method has promising performance. |
| |
| Keywords: | |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《系统工程与电子技术》浏览原始摘要信息 |
|
点击此处可从《系统工程与电子技术》下载全文 |
|
