| 无监督异常检测的核聚类和序列分析方法 |
| |
| 引用本文: | 钟诚,罗程.无监督异常检测的核聚类和序列分析方法[J].计算机研究与发展,2008,45(Z1):326-331. |
| |
| 作者姓名: | 钟诚 罗程 |
| |
| 作者单位: | 1. 广西大学计算机与电子信息学院,南宁,530004
2. 广西大学计算机与电子信息学院,南宁,530004;广西大学行健文理学院,南宁,530004 |
| |
| 摘 要: | 利用核函数构造数据的特征空间并在此空间采用核函数结合RA算法选取初始聚类中心,在核k-means聚类基础上,划分出大簇小簇,然后在大簇中进行异类分离以发现实验数据中以小概率事件出现的R2L,U2R和PROBE攻击;并且在大簇中挖掘闭合序列模式,获得描述大簇的序列规则,从中判断是否存在DoS攻击.算法分析和实验结果表明提出的方法可以获得较高的检测率并降低误报率.
|
| 关 键 词: | 异常检测 模式挖掘 序列分析 核函数 聚类 |
| 修稿时间: | 2007年7月10日 |
Kernel Clustering and Sequence Analysis Methods for Unsupervised Anomaly Detection |
| |
| Zhong Cheng,Luo Cheng.Kernel Clustering and Sequence Analysis Methods for Unsupervised Anomaly Detection[J].Journal of Computer Research and Development,2008,45(Z1):326-331. |
| |
| Authors: | Zhong Cheng Luo Cheng |
| |
| Affiliation: | Zhong Cheng1 , Luo Cheng1,21(School of Computer , Electronics , Information,Guangxi University,Nanning 530004)2(Xingjian College of Science , Liberal Arta,Nanning 530004) |
| |
| Abstract: | A feature space of data is constructed by using the kernel function, and the initial cluster centroids on the feature space are selected by applying a kernel-RA algorithm. The large and small clusters are partitioned and the outliers are split from the large clusters iteratively after the kernel k-means clustering, and the R2L and U2R and PROBE attacks with small probability distribution in data set can be detected and discovered. Furthermore, the closed sequence patterns in the large clusters are mined and... |
| |
| Keywords: | anomaly detection pattern mining sequence analysis kernel function clustering |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
