A Mixed Unsupervised Clustering-based Intrusion Detection Model

被引:8
作者
Zhang, Cuixiao [1 ]
Zhang, Guobing [1 ]
Sun, Shanshan [1 ]
机构
[1] Shijiazhuang Railway Inst, Sch Comp & Informat, Shijiazhuang, Peoples R China
来源
THIRD INTERNATIONAL CONFERENCE ON GENETIC AND EVOLUTIONARY COMPUTING | 2009年
关键词
unsupervised cluster; intrusion detection model; anomaly detection; clustering algorithm;
D O I
10.1109/WGEC.2009.72
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
Through analyzing the advantages and disadvantages between anomaly detection and misuse detection, a mixed intrusion detection system (IDS) model is designed. First, data is examined by the misuse detection module, then abnormal data detection is examined by anomaly detection module. In this model, the anomaly detection module is built using unsupervised clustering method, and the algorithm is an improved algorithm of K-means clustering algorithm and it is proved to have high detection rate in the anomaly detection module.
引用
收藏
页码:426 / 428
页数:3
相关论文
共 5 条
[1]   Data clustering: A review [J].
Jain, AK ;
Murty, MN ;
Flynn, PJ .
ACM COMPUTING SURVEYS, 1999, 31 (03) :264-323
[2]  
*KDD, KDD99CUP DAT
[3]  
LI DQ, 2007, RES CLUSTERING ALGOR
[4]  
LUO SS, 2003, INTRUSION DETECTIN
[5]  
ZHANG XF, 2003, COMPUTER SCI, V8, P45
1