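Abstract
To address problems common to the algorithms currently applied to intrusion detection, namely sensitivity to input order, inability to determine parameters adaptively, and the need for large amounts of training data, this paper applies a novel clustering algorithm to detect intrusive behavior. The advantages of the method are that it is insensitive to the order of the input data and can determine the algorithm's parameters adaptively. The experiments use the KDD99 test data [5], and the results show that the method can detect known and unknown intrusions in real network data fairly effectively.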
The paper discusses a clustering-based intrusion detection algorithm. The basic idea of the algorithm is that data with the same characteristics congregate through a variable-scale process until they almost overlap the center of a certain cluster. The benefit of the algorithm is that it needs neither training data nor manually specified parameters. Using the KDD99 data sets, the experimental results show that this approach can detect known and unknown intrusions efficiently and correctly in real network connections.
Source
《计算机工程》
CAS
CSCD
Peking University Core Journals
2006, Issue 7, pp. 149-150, 153 (3 pages in total)
Computer Engineering
Keywords
Network security
Intrusion detection
Clustering algorithm