Search Advanced

Message Board

Dear readers, authors and reviewers,you can add a message on this page. We will reply to you as soon as possible!

2018 Volume 43 Issue 12
Article Contents
Previous Article Next Article

ZOU Chen-song1, YANG Yu2. Intrusion Detection Method Based on Density and Optimal Clustering Number[J]. Journal of Southwest China Normal University(Natural Science Edition), 2018, 43(12): 91-99. doi: 10.13718/j.cnki.xsxb.2018.12.016
Citation: ZOU Chen-song1, YANG Yu2. Intrusion Detection Method Based on Density and Optimal Clustering Number[J]. Journal of Southwest China Normal University(Natural Science Edition), 2018, 43(12): 91-99. doi: 10.13718/j.cnki.xsxb.2018.12.016
shu

Intrusion Detection Method Based on Density and Optimal Clustering Number

  • 1. Department of Electrical Engineering;
    2. Department of Mechanical Engineering, Guangdong Songshan Polytechnic College, Shaoguan Guangdong 512126, China

More Information
  • Received Date: 15/05/2018
  • According to the problems of clustering algorithm in the application of intrusion detection, such as parameter presupposition, clustering effectiveness evaluation and unknown attack type detection, an improved algorithm based on density and optimal clustering number has been proposed. And according to the distribution of the samples, the initial clustering center has been determined heuristically, a new internal evaluation index has been proposed from the point of view of the geometric structure of the samples, and the optimal clustering number has been determined. On this basis, an incremental intrusion detection model has been designed to realize the dynamic adjustment of the clustering center and the number of clusters. Experimental results show that compared with K-means and other two improved clustering algorithms, the new algorithm has faster convergence speed and higher clustering accuracy, and can effectively cluster unknown network behaviors, and has better intrusion detection effect.
  • 加载中
  • [1] 文华, 王斐玉. 利用SSO加速最佳路径森林聚类的网络入侵检测[J]. 西南师范大学学报(自然科学版), 2017, 42(5):34-40.

    Google Scholar

    [2] MACQUEEN J. Some Methods for Classification and Analysis of Mulitivariate Observations[C]//Proceedings of the 5th Berkeley Symposium on Mathematical Statistics and Probability. Berkeley:University of California Press, 1967:281-297.

    Google Scholar

    [3] PARK H S, JUN C H. A Simple and Fast Algorithm for K-medoids Clustering[J]. Expert Systems with Applications, 2009, 36(2):3336-3341.

    Google Scholar

    [4] LIU Y, HOU T, LIU F. Improving Fuzzy c-Means Method for Unbalanced Dataset[J]. Electronics Letters, 2015, 51(23):1880-1882.

    Google Scholar

    [5] 孟静, 吴锡生. 自动确定聚类数算法在网络入侵检测中的应用[J]. 计算机仿真, 2013, 30(10):302-307.

    Google Scholar

    [6] BREUNIG M M, KREGEL H P, NG R T, et al. LOF:Identifying Densitybased Local Outliers[J]. ACM Sigmod Record, 2000, 29(2):93-104.

    Google Scholar

    [7] 蒋盛益, 徐雨明, 陈溪辉. 异常挖掘研究综述[J]. 衡阳师范学院学报(自然科学), 2004(3):63-66.

    Google Scholar

    [8] 翟东海, 鱼江, 高飞, 等. 最大距离法选取初始簇中心的K-means文本聚类算法的研究[J]. 计算机应用研究, 2014, 31(3):713-715,719.

    Google Scholar

    [9] 熊忠阳, 陈若田, 张玉芳. 一种有效的聚类中心初始化方法[J]. 计算机应用研究, 2011, 28(11):4188-4190.

    Google Scholar

    [10] 唐丹, 张正军. 近邻传播聚类算法的优化[J]. 计算机应用, 2017, 37(s1):258-261.

    Google Scholar

    [11] 倪志伟, 荆婷婷, 倪丽萍. 一种近邻传播的层次优化算法[J]. 计算机科学, 2015, 42(3):195-200.

    Google Scholar

    [12] 周世兵. 聚类分析中的最佳聚类数确定方法研究及应用[D]. 无锡:江南大学, 2011.

    Google Scholar

    [13] 冯柳伟, 常冬霞, 邓勇, 等. 最近最远得分的聚类性能评价指标[J]. 智能系统学报, 2017, 12(1):67-74.

    Google Scholar

    [14] 谢娟英, 周颖. 一种新聚类评价指标[J]. 陕西师范大学学报(自然科学版), 2015, 43(6):1-8.

    Google Scholar

    [15] KAPP A V, TIBSHIRANI R. Are Clusters Found in One Dataset Present in Another Dataset?[J]. Biostatistics, 2007, 8(1):9-31.

    Google Scholar

    [16] DAVIES D L, BOULDIN D W. A Cluster Separation Measure[J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, 1979, 2(2):224-227.

    Google Scholar

    [17] ROUSSEEUW P J. Silhouettes:a Graphical Aid to the Interpretation and Validation of Cluster Analysis[J]. Journal of Computational and Applied Mathematics, 1987, 20(20):53-65.

    Google Scholar

    [18] XIE X L, BENI G. A Validity Measure for Fuzzy Clustering[J]. IEEE Transactions on Pattern Analysisand Machine Intelligence, 1991, 13(8):841-847.

    Google Scholar

    [19] KWON S H. Cluster Validity Index for Fuzzy Clustering[J]. Electronics Letters, 1999, 34(22):2176-2177.

    Google Scholar

    [20] 任敏. 自适应模糊聚类算法及其在入侵检测中的应用研究[D]. 济南:山东师范大学, 2017.

    Google Scholar

    [21] 王开军, 张军英, 李丹, 等. 自适应仿射传播聚类[J]. 自动化学报, 2007(12):1242-1246.

    Google Scholar

    [22] 解男男. 机器学习方法在入侵检测中的应用研究[D]. 吉林:吉林大学, 2015.

    Google Scholar

    [23] 吴建胜, 张文鹏, 马垣. 数据集的数据分析研究[J]. 计算机应用与软件, 2014, 31(11):321-325.

    Google Scholar

    [24] 李响. 基于经验模态分解的局域网络入侵检测算法[J]. 西南师范大学学报(自然科学版), 2016, 41(8):132-137.

    Google Scholar

  • 加载中
通讯作者: 陈斌, bchen63@163.com
  • 1. 

    沈阳化工大学材料科学与工程学院 沈阳 110142

  1. 本站搜索
  2. 百度学术搜索
  3. 万方数据库搜索
  4. CNKI搜索
Export Citation
PDF
XML

Article Metrics

Article views(586) PDF downloads(138) Cited by(0)

Access History

Other Articles By Authors

Intrusion Detection Method Based on Density and Optimal Clustering Number

  • Received Date: 15/05/2018

Abstract: According to the problems of clustering algorithm in the application of intrusion detection, such as parameter presupposition, clustering effectiveness evaluation and unknown attack type detection, an improved algorithm based on density and optimal clustering number has been proposed. And according to the distribution of the samples, the initial clustering center has been determined heuristically, a new internal evaluation index has been proposed from the point of view of the geometric structure of the samples, and the optimal clustering number has been determined. On this basis, an incremental intrusion detection model has been designed to realize the dynamic adjustment of the clustering center and the number of clusters. Experimental results show that compared with K-means and other two improved clustering algorithms, the new algorithm has faster convergence speed and higher clustering accuracy, and can effectively cluster unknown network behaviors, and has better intrusion detection effect.

    HTML

Reference (24)

Catalog

    Copyright Journal of Southwest China Normal University(Natural Science Edition)

    Address:Tel:023-68252540,68254576,68254478E-mail:xbbjb@swu.edu.cn

    Supported by:Beijing Renhe Information Technology Co. Ltd

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return