Using an Improved Clustering Method to Detect Anomaly Activities 被引量：3

Using an Improved Clustering Method to Detect Anomaly Activities

下载PDF

导出

摘要 In this paper, an improved k-means based clustering method （IKCM） is proposed. By refining the initial cluster centers and adjusting the number of clusters by splitting and merging procedures, it can avoid the algorithm resulting in the situation of locally optimal solution and reduce the number of clusters dependency. The IKCM has been implemented and tested. We perform experiments on KDD-99 data set. The comparison experiments with H-means＋also have been conducted. The results obtained in this study are very encouraging. In this paper, an improved k-means based clustering method （IKCM） is proposed. By refining the initial cluster centers and adjusting the number of clusters by splitting and merging procedures, it can avoid the algorithm resulting in the situation of locally optimal solution and reduce the number of clusters dependency. The IKCM has been implemented and tested. We perform experiments on KDD-99 data set. The comparison experiments with H-means＋also have been conducted. The results obtained in this study are very encouraging.

作者 LI Han ZHANG Nan BAO Lihui

机构地区 Division of Basic Courses School of Electronic and Information Engineering

出处《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1814-1818,共5页 武汉大学学报（自然科学英文版）

基金 Supported by the Beijing Municipal Commission ofEducation Science and Technology Project (KM200511232004)

关键词 clustering analysis anomaly detection intrusion detection K-MEANS clustering analysis anomaly detection intrusion detection k-means

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献10

1Xian Ji-qing,Lang Feng-hua,Tang Xian-lun.A novel Intrusion Detection Method based on clonal selection clustering algorithm[].the th International Conference on Machine Learning and Cybernetics.2005
2White G B,Fisch E A,Pooch U W.Cooperating Security Managers: A Peer Based Intrusion Detection System[].IEEE Network.1996
3Dasgupta D,Gonzalez F.An immunity-based technique to characterize intrusions in computer networks[].IEEE Transactions on Evolutionary Computation.2002
4Y Guan,,AA Ghorbani,,N Belacel.Y-means:a clustering method for intrusion detection[].Proceedings of Canadian Conference on Electrical and Computer Engineering.2003
5Portnoy,L,Eskin,E,Stolfo,S J. Intrusion Detection with Unlabeled Data Using Clustering[C]//Proceedings of ACM CSS Workshop on Data Mining Applied to Security (DMSA-2001) . 2001
6Bandyopadhyay S,Maulik U.Genetic Clustering for Automatic Evolution of Clusters and Application to Image Classification[].Pattern Recognition.2002
7Caberera J,Ravichandran B,Mehra R K.Statistical Model- ing for Network Intrusion Detection [ DB/OL]. http://IEEExplore. IEEE. org/xplore/login. gsp? url=/iel5/7034/18941/00876573.pdf? tp=&arnumber= 876573&isnumber=18941 . 2006
8Cho Sung-bae.Incorporating Soft Computing Techniques into AProbabilistic intrusion Detection System[].IEEEtrans- actions on System Manand Cybernetics ( Part C).2004
9Information and Computer Science University of California.Irvine KDD CUP99 Data Set[].ht- tp://kddicsuciedu/databases/kddcup/kddcupht- ml.2006
10Kruegel C,Vigna G,William Robertson.A Multi-model Approachto the Detection of Web-Based Attacks[].Com- puter Networks.2005

同被引文献20

1卿斯汉,蒋建春,马恒太,文伟平,刘雪飞.入侵检测技术研究综述[J].通信学报,2004,25(7):19-29. 被引量：235
2蒋盛益,李庆华.一种增强的k-means聚类算法[J].计算机工程与科学,2006,28(11):56-59. 被引量：15
3Lee W K,Stolfo S J,Mok K W. A data mining framework for building intrusion detection models[ C]//Proceeding of the IEEE Symposium on Security and Privacy. California, IEEE Computer Society Press, 1999:120- 132.
4Erbaeher R F, Walker K L, Frincke D A. Intrusion and misuse detection in large-scale systems[J]. IEEE Computer Graphics and Applications, 2002,22 (1) : 38 - 47.
5Richard J Hathaway,James C Bezdek. Extending fuzzy and probability clustering to very large data sets[ J ]. Computational Statistics & Data Analysis,2006,51(1):215-234.
6Hansen P, Mladenovic N. J- means: a new local search heuristic for minimum sum - of - squares clustering [ J ]. Pattern Recognition,2002,34(2) :405 - 413.
7University of California. KDD CUP 1999 dataset [ EB/ OL]. (1999 - 10 - 28) [2010 - 1 - 20]. http://kdd, ies. uci. edu/databases/kddcup99/kddcup99, html.
8Lee W K, Stolfo S J, Mok K W. A data mining framework for building intrusion detection models [ C ] //Proceeding of the IEEE Symposium on Security and Privacy. California:IEEE Computer Socidy Press, 1999 : 120 - 132.
9Erbacher R F, Walker K L, Frincke D A. Intrusion and misuse detection in large -scale systems[ J]. IEEE Computer Graphics and Applications,2002, 22(1) :38 -47.
10Richard J Hathaway, James C Bezdek. Extending fuzzy and probability clustering to very large data sets [ J ]. Computational Statistics & Data Analysis,2006,51 ( 1 ) :215 -234.

引证文献3

1李涵.一种改进的聚类方法在异常检测中的应用[J].微电子学与计算机,2010,27(8):66-69. 被引量：4
2李涵.基于聚类的异常检测方法的研究与实现[J].北京信息科技大学学报（自然科学版）,2010,25(3):80-84. 被引量：3
3黎银环,张剑.改进的K-means算法在入侵检测中的应用[J].计算机技术与发展,2013,23(1):165-168. 被引量：3

二级引证文献10

1邢容,李俊,荆涛.网页静态链接文本安全相关性分析算法研究[J].微电子学与计算机,2011,28(11):165-168.
2陈英,何中市,黄敏.一种优化的K-means聚类中心算法研究[J].制造业自动化,2012,34(8):19-22. 被引量：5
3曹继邦,吴庆涛,郑瑞娟,张聚伟.基于自律计算的主动入侵检测模型[J].微电子学与计算机,2012,29(12):31-35.
4李蓉,周维柏.基于改进的K-Means算法入侵检测框架[J].实验室研究与探索,2014,33(3):110-114. 被引量：4
5李永忠,张杰.一种基于云模型和半监督聚类的入侵检测算法[J].电子测量与仪器学报,2014,28(12):1376-1381. 被引量：9
6李永忠,张杰.基于云模型和半监督聚类的入侵检测算法[J].计算机科学,2015,42(2):147-149. 被引量：3
7夏同胜,黄雨辰.改进的k-means算法在电子商务目标客户细分中的应用研究[J].吉林工程技术师范学院学报,2015,31(3):58-60. 被引量：1
8宋先强,高仲合,刘泷,国凯平.基于数据挖掘的网络异常检测方法的研究[J].电子技术（上海）,2016,43(11):30-32. 被引量：2
9Loka Raj Ghimire,Roshan Chitrakar.Integration of Expectation Maximization using Gaussian Mixture Models and Naïve Bayes for Intrusion Detection[J].Journal of Computer Science Research,2021,3(2):1-10.
10杨文君.入侵检测技术中k-means聚类算法综述[J].科学技术创新,2018(36):65-66. 被引量：3

1GAO Xiang WANG Min ZHAO Rongchun.A Framework for an Adaptive Anomaly Detection System with Fuzzy Data Mining[J].Wuhan University Journal of Natural Sciences,2006,11(6):1797-1800. 被引量：1
2XIONG Jiajun,LI Qinghua,TU Jing.A Heuristic Clustering Algorithm forIntrusion Detection Based on Information Entropy[J].Wuhan University Journal of Natural Sciences,2006,11(2):355-359. 被引量：1
3杨少辉.中、小型企业局域网的安全与防护[J].软件导刊,2007,6(8):101-102.
4刘蕊.计算机缓冲区溢出攻击问题的研究[J].工程地质计算机应用,2007(4):32-35.
5肖立中,刘云翔.适合于入侵检测的分步特征选择算法[J].计算机工程与应用,2010,46(11):81-84. 被引量：5
6陈晨.“网村”:手机搜索侵入者[J].中国电子商务,2006(7):77-79. 被引量：1
7LI Zhanchun LI Zhitang LIU Bin.Anomaly Detection System Based on Principal Component Analysis and Support Vector Machine[J].Wuhan University Journal of Natural Sciences,2006,11(6):1769-1772. 被引量：1
8陈军,冯伟.网络远程教学代理服务器的数据安全性研究[J].电脑开发与应用,2006,19(6):16-18.
9Lin Zhu Bo Li.Improved clustering method based on artificial immune[J].Journal of Systems Engineering and Electronics,2010,21(6):1111-1115. 被引量：1
10DONG Xiaomei XIANG Guang YU Ge LI Xiaohua.A New Detection Approach Based on the Maximum Entropy Model[J].Wuhan University Journal of Natural Sciences,2006,11(6):1765-1768.

Wuhan University Journal of Natural Sciences

2006年第6期

浏览历史

内容加载中请稍等...

Using an Improved Clustering Method to Detect Anomaly Activities 被引量：3

参考文献10

同被引文献20

引证文献3

二级引证文献10

相关作者

相关机构

相关主题

浏览历史