| 一种增强的基于GCA的入侵检测方法 |
| |
| 引用本文: | 付双胜,张明军,刘棣华,鲁晓帆.一种增强的基于GCA的入侵检测方法[J].网络安全技术与应用,2010(10):73-75. |
| |
| 作者姓名: | 付双胜 张明军 刘棣华 鲁晓帆 |
| |
| 作者单位: | 长春工业大学计算机科学与工程学院,吉林130012 |
| |
| 摘 要: | 增强的基于GCA(Gravity-based clustering approach)的入侵检测方法是先对训练集采用GCA进行聚类,然后依据凝聚层次聚类算法的思想,以簇间的差异度和整体相似度作为聚类质量评价标准对GCA聚类产生的簇进行一些合并,合并后能使簇中心更集中,簇内对象更紧密。再根据标记算法标记出哪些簇属于正常簇,哪些属于异常簇,最后用检测算法对测试集数据进行检测。实验表明该方法对未知攻击的检测能力有所增强,特别是能有效降低误报率。
|
| 关 键 词: | 聚类 入侵检测 凝聚层次聚类 |
An Enhanced Intrusion Detection Method based on GCA |
| |
| Fu Shuangsheng,Zhang Mingjun,Liu Dihua,Lu Xiaofan.An Enhanced Intrusion Detection Method based on GCA[J].Net Security Technologies and Application,2010(10):73-75. |
| |
| Authors: | Fu Shuangsheng Zhang Mingjun Liu Dihua Lu Xiaofan |
| |
| Affiliation: | School of Computer Science and Engineering,ChangChun University Of Technology,Jinlin,130012,China |
| |
| Abstract: | The enhanced intrusion detection method based on GCA(Gravity-based clustering approach)is clustering the training set by GCA firstly.Then based on the idea that agglomerative hierarchical clustering algorithm to combine clusters that GCA clustering produced with the standard of clustering quality evaluation which the difference degree between clusters and the overall similarity.To enable the cluster center is more concentrated and the objects in cluster are more closely after the combination.Then under the marking algorithm to identify which clusters are normal cluster,which are abnormal clusters.Finally,using detection algorithm to detect the test set data.Experiments show that the capability of detecting unknown attacks have increased,particularly to reduce the false positive rate. |
| |
| Keywords: | Clustering Intrusion detection Agglomerative hierarchical clustering |
| 本文献已被 维普 万方数据 等数据库收录! |
|
