摘要: 基于异常的入侵检测方法难以有效地获得一个用于建立正常行为模式的正常数据训练集,而粒子群优化模糊聚类算法的初始化聚类数目一般凭经验确定,准确性不高。为此,提出一种自控粒子群优化模糊聚类算法。从网络数据中提取训练集,并初始化具有不同聚类数目的粒子群,在迭代过程中,根据不同粒子群的聚类有效性函数,通过列控制向量对各粒子群规模进行调整,由此实现聚合。实验结果表明,该方法的聚类结果准确率高,可以为基于异常的入侵检测方法提供可靠的训练数据。
Abstract: Intrusion detection methods based on abnormity need a normal data set to establish the normal behavior mode, but there is not an effective method to get the data set. The number of clustering needs to be initialized in Particle Swarm Optimization(PSO) fuzzy clustering algorithm, and this number is confirmed according to experience, so its accuracy is lower. To solve these problems, this paper proposes a self-control PSO fuzzy clustering algorithm, getting the training sets from the network data. It sets the particle swarm with different number of clustering and the number can be adjusted by control-vector according to the validity function. And the data can be converged into an appropriate number of clustering. Experimental results show that the method can improve the veracity of clustering, and reliable training sets can be got from the network data.
Key words:
Particle Swarm Optimization(PSO),
fuzzy clustering,
intrusion detection,
abnormal detection,
刘教民, 李勇征, 孟军英, 李艳. 基于自控粒子群优化的入侵数据分析[J]. 计算机工程, 2012, 38(22): 104-106.
LIU Jiao-Min, LI Yong-Zheng, MENG Jun-Yang, LI Yan. Intrusion Data Analysis Based on Self-control Particle Swarm Optimization[J]. Computer Engineering, 2012, 38(22): 104-106.