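Abstract: Algorithms currently applied to intrusion detection commonly suffer from sensitivity to input order, an inability to determine parameters adaptively, and the need for large amounts of training data. To address these problems, this paper applies a novel clustering algorithm to the detection of intrusion behavior. The advantages of the method are that it is insensitive to the order of the input data and can determine the algorithm's parameters adaptively. The experiments use the KDD99 test data [5], and the results show that the method can fairly effectively detect known and unknown intrusions in real network data.
Keywords:
Network security; intrusion detection; clustering algorithm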
Abstract: The paper discusses a clustering-based intrusion detection algorithm. The basic idea of the algorithm is that data with the same characteristics congregate through a variable-scale process until they almost overlap the center of a certain cluster. The benefit of the algorithm is that it needs neither training data nor manually specified parameters. Using the KDD99 data sets, the experimental results show that this approach can detect known and unknown intrusions efficiently and correctly in real network connections.
Key words:
Network security; Intrusion detection; Clustering algorithm
LI Wei, FAN Jiulun. Intrusion Detection Based on a New Clustering Algorithm[J]. Computer Engineering, 2006, 32(7): 149-150,153.
LI Wei, FAN Jiulun. A Novel Clustering-based Intrusion Detection Method[J]. Computer Engineering, 2006, 32(7): 149-150,153.