| 一种基于聚类的无监督异常检测方法 |
| |
| 引用本文: | 杨斌,刘卫国. 一种基于聚类的无监督异常检测方法[J]. 计算机工程与应用, 2008, 44(1): 138-141. DOI: 10.3778/j.issn.1002-8331.2008.01.044 |
| |
| 作者姓名: | 杨斌 刘卫国 |
| |
| 作者单位: | 中南大学 信息科学与工程学院,长沙 410083 |
| |
| 摘 要: | 为了解决无监督异常检测方法无法检测突发性的大规模攻击的问题,提出了一种基于聚类的无监督异常检测模型,该模型从多个聚类器中选取DB指数最小的分簇结果,并利用最小簇内距离、最大簇内距离对每个簇进行分类,从而识别出攻击。实验表明该模型明显提高了检测率、降低了误报率。
|
| 关 键 词: | 无监督异常检测 K均值算法 DB指数 簇内距离 |
| 文章编号: | 1002-8331(2008)01-0138-04 |
| 收稿时间: | 2007-06-01 |
| 修稿时间: | 2007-06-01 |
Clustering-based unsupervised anomaly detection method |
| |
| YANG Bin,LIU Wei-guo. Clustering-based unsupervised anomaly detection method[J]. Computer Engineering and Applications, 2008, 44(1): 138-141. DOI: 10.3778/j.issn.1002-8331.2008.01.044 |
| |
| Authors: | YANG Bin LIU Wei-guo |
| |
| Affiliation: | College of Information Science & Engineering,Central South University,Changsha 410083,China |
| |
| Abstract: | Unsupervised anomaly detection can’t detect a massive attack in bursts.In order to solve this problem,this paper proposes a unsupervised anomaly detection model based on clustering.It chooses clustering result from multi-clusters which has the minimum DB index,applies minimum intra-cluster distance and maximum intra-cluster distance to classify every cluster,then identifies attacks.Experimental results show that the proposed strategy can improve obviously detection rate and decrease false positive rate. |
| |
| Keywords: | unsupervised anomaly detection K-means algorithm Davies-Bouldin index intra-cluster distance |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
