Abstract: This paper proposes a model that builds an intrusion detection database using clustering analysis, and implements a K-means algorithm that constructs the database and classifies security levels from it. Building the detection system does not require empirical data; it automatically re-classifies intrusion behaviors based on the existing data. Simulation experiments show that the method has strong practicality and self-adaptability.
Key words: network security, intrusion detection, data mining, clustering analysis, K-means
LI Yang (李洋). Application of K-means Clustering Algorithm in Intrusion Detection[J]. Computer Engineering (计算机工程), 2007, 33(14): 154-156.
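The approach the abstract describes, sketched as an added example that is not code from the paper: K-means groups unlabeled connection records, and each cluster receives a security level. The three features, the sample records, k = 3, and the level rule (the largest cluster is the baseline, and the other clusters are ranked by centroid distance from it) are all assumptions, since the abstract does not specify them.

```python
import math

# Constructed sample records (not from the paper):
# (connections/sec, distinct destination ports, failed-login ratio)
RECORDS = [
    (2, 1, 0.00), (3, 2, 0.00), (5, 1, 0.90), (2, 2, 0.05), (80, 60, 0.00),
    (4, 1, 0.00), (6, 1, 0.95), (3, 1, 0.02), (95, 75, 0.00), (4, 2, 0.85),
    (2, 1, 0.00),
]

def make_scaler(rows):
    """Min-max scale each feature to [0, 1] so no single unit dominates."""
    lo = [min(c) for c in zip(*rows)]
    hi = [max(c) for c in zip(*rows)]
    return lambda r: tuple((v - a) / ((b - a) or 1) for v, a, b in zip(r, lo, hi))

def kmeans(points, k, max_iter=100):
    """Lloyd's algorithm with deterministic farthest-first seeding."""
    cents = [points[0]]
    while len(cents) < k:
        cents.append(max(points, key=lambda p: min(math.dist(p, c) for c in cents)))
    labels = None
    for _ in range(max_iter):
        new = [min(range(k), key=lambda j: math.dist(p, cents[j])) for p in points]
        if new == labels:  # assignments stable: converged
            break
        labels = new
        for j in range(k):
            members = [p for p, l in zip(points, labels) if l == j]
            if members:  # keep the old centroid if a cluster empties
                cents[j] = tuple(sum(c) / len(members) for c in zip(*members))
    return cents, labels

def build_library(records, k=3):
    """Return (scaler, centroids, level per cluster); level 0 = largest cluster."""
    scale = make_scaler(records)
    cents, labels = kmeans([scale(r) for r in records], k)
    base = max(range(k), key=labels.count)  # assumed baseline: most populous cluster
    order = sorted(range(k), key=lambda j: math.dist(cents[j], cents[base]))
    return scale, cents, {j: lvl for lvl, j in enumerate(order)}

def classify(library, record):
    """Security level of the cluster whose centroid is nearest to the record."""
    scale, cents, levels = library
    x = scale(record)
    return levels[min(range(len(cents)), key=lambda j: math.dist(x, cents[j]))]

LIBRARY = build_library(RECORDS)
```

Rebuilding the library from a fresh batch of records re-partitions the behaviors without any labels, which is the self-adapting property the abstract claims.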