Abstract:
This paper introduces the Fuzzy C-means (FCM) clustering method, studies intrusion detection methods based on clustering analysis, and establishes a new model of network intrusion detection. The new model comprises a data pre-processor, an FCM-based clustering component, a cluster-center updater, and a detection system, and it improves the availability of the intrusion detection system. Experimental results prove that the model can detect intrusions from network connection data with a lower system false alarm rate and a higher detection rate.
Key words: intrusion detection, clustering analysis, Fuzzy C-means (FCM), Euclidean distance, Simple Matching Coefficient (SMC)
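Abstract (Chinese version): To improve the intrusion recognition capability of network intrusion detection systems, an intrusion detection model based on Fuzzy C-means (FCM) clustering is proposed. The model comprises a data pre-processor, an FCM clustering processor, a cluster-center-set updater, and a detection system, and it can handle numeric and symbolic attributes at the same time. Experimental results show that, compared with other models, this model has a lower false alarm rate and a higher detection rate.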
Key words (Chinese version): intrusion detection, clustering analysis, Fuzzy C-means, Euclidean distance, Simple Matching Coefficient
LI Wen-Hua. Network Intrusion Detection Model Based on Clustering Analysis[J]. Computer Engineering, 2011, 37(17): 96-98.