Abstract
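A new data processing method for intrusion detection based on fuzzy cluster analysis is proposed. The method distinguishes normal processes from intrusion processes fairly accurately, computes quickly, and consumes few resources. Fuzzy clustering also makes it possible to extract concise and accurate classification rules. Because isolated points in the data are given special treatment, the training database that produces the clustering rules can be added to and updated, which gives the detection method strong extensibility. Simulation experiments demonstrate the effectiveness of the algorithm.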
A fuzzy cluster algorithm (FCM) based data processing method for intrusion detection is introduced and some changes for the data characteristic are made. The experimental results show that the method is effective to differentiate the normal process and the intrusion process correctly in some degree. It also has the merits of faster computation and less resource utilization. The concise classification rules are derived with this new method. Because of the special treatment of the isolated points in the data and easy renewal or supplement of the classification rule set, this detection method has a strong extensibility. Simulation results illustrate that this algorithm is very efficient.
Source
《系统工程与电子技术》
EI
CSCD
Peking University Core Journal
2006, Issue 3, pp. 474-477 (4 pages)
Systems Engineering and Electronics