원문정보
초록
영어
With the development of the networks, the security of computer networks is becoming more and more serious. The information openness, sharing and interconnection are three important characteristics of computer networks. However, the amounts of intruders and attackers have been grows with the popularization of computers. Therefore, the focus of network security is preventing systems from being invaded effectively. Intrusion detection as a key technology of network security active defense system is designed to distinguish normal behaviors and attack behaviors. Intrusion detection is divided into misuse detection and anomaly detection, and using clustering algorithm is one of the most effective methods for anomaly detection. In this paper, a clustering algorithm based on fast search and find of density peaks is used to distinguish the normal and abnormal network connections to achieve the purpose of anomaly detection. The performance of the algorithm is tested by a data set selected from KDD CUP99. Experiment results show that this algorithm is more suitable than the traditional K-means in data sets containing a large amount of data and uneven density distribution.
목차
1. Introduction
2. Application of Clustering Analysis in Network Intrusion Detection
3. Researches on Clustering Algorithm
4. A Clustering Algorithm using in Anomaly Detection
4.1. Clustering by Fast Search-and-Find of Density Peaks
4.2. Comparison and Analysis
5. Experiment and Result Analysis
5.1. The First Experiment
5.2. The Second Experiment
6. Conclusions
References