摘要： 针对LEGClust算法在合并簇的过程中易将异常簇并入正常簇的问题，提出一种改进的LEGClust算法，将LEGClust算法应用于入侵检测，发现数据集内任意形状簇，建立入侵检测模型，找出异常数据。在KDD CUP1999数据集上的仿真实验结果表明，该方法能提高入侵检测能力。

关键词: 网络安全, 入侵检测, 聚类分析, LEGClust算法, Renyi熵, Parzen窗

Abstract: The LEGClust algorithm is a new clustering analysis technique, which can effectively find clusters of arbitrary shapes hidden in the data sets. Based on this advantage, this paper applies the algorithm to intrusion detection to establish the intrusion detection model, which can be used to find abnormal data. In the merging process, the LEGClust algorithm tends to merge the abnormal clusters into the normal ones. To solve the problem, it proposes an improved LEGClust algorithm which can significantly improve the performance of intrusion detection. Experimental results on KDDCUP1999 data set verify the effectiveness of the method.

Key words: network security, intrusion detection, clustering analysis, LEGClust algorithm, Renyi entropy, Parzen window

中图分类号: 

• TP309