| 基于快速自适应聚类算法的网络异常检测方法 |
| |
| 引用本文: | 高翔,龙苇,王敏.基于快速自适应聚类算法的网络异常检测方法[J].西北工业大学学报,2011,29(3):424-428. |
| |
| 作者姓名: | 高翔 龙苇 王敏 |
| |
| 作者单位: | 1. 西北工业大学计算机学院,陕西西安,710072
2. 空军工程大学电讯工程学院,陕西西安,710068 |
| |
| 基金项目: | 教育部博士点新教师基金 |
| |
| 摘 要: | 随着Internet遍布到世界的各个角落,计算机暴露在互联网的各种恶意攻击前。我们需要行之有效的入侵检测系统来保护计算机免受这些恶意攻击的侵扰。现有基于信号的检测方法十分依赖加标识的训练数据,而对于新型的攻击束手无策。尽管基于聚类的检测方法可以克服这个缺陷,但是聚类方法的时间开销太大,从而导致网络管理员的反应延迟。本文介绍了一种新型的快速自适应聚类算法(FACA,FastAdaptive C lusterA lgorithm)该算法的时间复杂度为O(mn),n为数据点的数量,m为采样的次数,m的值远小于n,然而传统聚类方法的时间复杂度为O(n2),采用KDD CUP99的实验数据对该方法进行了评估,结果表明,相对于传统聚类方法,FACA显著的提高了检测效率。
|
| 关 键 词: | 异常检测 聚类算法 数据安全 WWW |
An Effective Anomaly Detection Method Using a New Fast Adaptive Clustering Algorithm (FACA) |
| |
| Gao Xiang,Long Wei,Wang Min.An Effective Anomaly Detection Method Using a New Fast Adaptive Clustering Algorithm (FACA)[J].Journal of Northwestern Polytechnical University,2011,29(3):424-428. |
| |
| Authors: | Gao Xiang Long Wei Wang Min |
| |
| Affiliation: | 1.Department of Computer Science and Engineering,Northwestern Polytechnical University,Xi′an 710072,China2.School of Communication,Air Force Engineering University,Xi′an 710068,China |
| |
| Abstract: | Aim.The introduction of the full paper reviews some papers in the open literature and then proposes a FACA-based anomaly detection method,which we believe is relatively more effective against the intrusions from the World Wide Web than the existing anomaly detection methods.Section 1 explains our new method;its core consists of:(1) we cluster the network behavior sets in accordance with the distance between network behavior objects with the FACA,whose flow chart is given as the block diagram in Fig.1;(2) we... |
| |
| Keywords: | algorithms security of data World Wide Web anomaly detection clustering algorithm |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
