摘要： 在入侵检测建模过程中，特征提取是一个重要的步骤。特征提取有利于提高入侵检测的效率和准确性，好的特征可以在特征空间提供完美的分类独立性。但在以往的入侵检测模型评估中，对原始数据的特征提取并没有涉及提取的标准和原则。文章利用KDD 数据集，针对不同种类的网络入侵攻击，使用经典聚类算法对特征提取的特征类别进行比较，以获取该领域的知识。

关键词: 特征提取；聚类算法；异常检测；无指导学习

Abstract: Feature selection is an essential step in the process of intrusion detection modeling. Feature selection can improve the efficiency and the accuracy of Intrusion detection. Good features can provide excellent class separability. But in the historical researches, the criteria and the way about how to select the features in the raw data are seldom referred. In the thesis, classical clustering algorithm is used to evaluate the features selected and to approve the viewpoint based on KDD dataset.

Key words: Feature selection; Clustering algorithm; Anomaly detection; Unsupervised learning