
Computer Engineering ›› 2011, Vol. 37 ›› Issue (17): 96-98. doi: 10.3969/j.issn.1000-3428.2011.17.031

• Security Technology •

Network Intrusion Detection Model Based on Clustering Analysis

LI Wen-hua

  1. (College of Computer Science, Yangtze University, Jingzhou 434023, China)
  • Received: 2011-03-04 Online: 2011-09-05 Published: 2011-09-05
  • About the author: LI Wen-hua (born 1965), male, associate professor; main research interests: network security, database technology

Abstract: To improve the intrusion recognition capability of network intrusion detection systems, this paper introduces the Fuzzy C-means (FCM) clustering method, studies intrusion detection methods based on clustering analysis, and proposes a new network intrusion detection model based on FCM clustering. The model consists of a data pre-processor, an FCM clustering processor, a cluster-center set updater, and a detection system; it can handle numeric and symbolic attributes at the same time and improves the availability of the intrusion detection system. Experimental results show that, compared with other models, the model detects intrusions in network connection data with a lower false alarm rate and a higher detection rate.

Key words: intrusion detection, clustering analysis, Fuzzy C-means (FCM), Euclidean distance, Simple Matching Coefficient (SMC)
