
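Clustering-Based and Supervised Intrusion Detection Method
Cite this article: JIANG Sheng-yi, LI Qing-hua, WANG Hui, MENG Zhong-lou. Clustering-Based and Supervised Intrusion Detection Method[J]. Mini-micro Systems, 2005, 26(6): 1042-1045.
Authors: JIANG Sheng-yi  LI Qing-hua  WANG Hui  MENG Zhong-lou
Affiliations: 1. School of Computer Science, Huazhong University of Science and Technology, Wuhan, Hubei 430074; Department of Computer Science, Hengyang Normal University, Hengyang, Hunan 421008
2. School of Computer Science, Huazhong University of Science and Technology, Wuhan, Hubei 430074
Funding: Supported by the National Natural Science Foundation of China (60273075).
Abstract: A new distance definition and a clustering-based supervised intrusion detection method, CBSID (Clustering-based and Supervised Intrusion Detection), are proposed. The method clusters a labeled training set and uses the clustering result as a classification model to classify unseen data. It is robust to its parameters and to the input order of the data, and the classification model can be updated incrementally. Unlike typical supervised intrusion detection methods, it has some ability to detect unknown intrusions. Test results on the KDDCUP99 dataset show that CBSID performs well (high detection rate and low false alarm rate).

Keywords: intrusion detection  clustering  classification
Article ID: 1000-1220(2005)06-1042-04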

Clustering-Based and Supervised Intrusion Detection Method
JIANG Sheng-yi, LI Qing-hua, WANG Hui, MENG Zhong-lou. Clustering-Based and Supervised Intrusion Detection Method[J]. Mini-micro Systems, 2005, 26(6): 1042-1045.
Authors: JIANG Sheng-yi  LI Qing-hua  WANG Hui  MENG Zhong-lou
Affiliations: 1. School of Computer Science, Huazhong University of Science and Technology, Wuhan, Hubei 430074; Department of Computer Science, Hengyang Normal University, Hengyang, Hunan 421008; 2. School of Computer Science, Huazhong University of Science and Technology, Wuhan, Hubei 430074
Abstract: A clustering-based and supervised intrusion detection method named CBSID (Clustering-based and Supervised Intrusion Detection), with a new distance definition, is proposed in this paper. CBSID clusters the labeled training data, and the clustering results are used as a classification model to predict which cluster the current data belongs to. The method is robust to the clustering parameter and to the input order of the data. The classification model can be updated incrementally. Compared with most existing supervised intrusion detection methods, this method can detect unknown intrusions. Experimental results on the KDDCUP99 dataset demonstrate that CBSID has promising performance, with a high detection rate and a low false alarm rate.
Keywords: intrusion detection  clustering  classification