摘要
将万有引力的思想引入聚类分析,提出一种基于引力的聚类方法和度量聚类异常程度的引力因子概念,同时给出了一种计算聚类阈值的简单而有效的方法,在此基础上提出一种新的入侵检测方法GBID。GBID关于数据库的大小、属性个数具有近似线性时间复杂度,这使得GBID具有好的扩展性。在KDDCUP99数据集上的测试结果表明,GBID在准确性方面优于文献中已有无指导入侵检测方法,且对新的入侵有一定的检测能力。
The idea of universal gravitation was introduced to clustering analysis, and a gravity-based clustering algorithm and a simple method calculating clustering threshold were presented. The gravity factor measured deviating degree of a cluster and a new intrusion detection approach, which named GBID, were proposed. Time complexity of the detection approach is nearly linear with the size of dataset and the number of attributes, which results in good scalability. The experimental results on dataset KDDCUP99 show that GBID outperforms the existing unsupervised intrusion detection approaches on accuracy and has capability to detect unknown intrusions.
出处
《系统仿真学报》
EI
CAS
CSCD
北大核心
2005年第9期2202-2206,共5页
Journal of System Simulation
基金
国家自然科学基金项目(60273075)
关键词
万有引力
聚类
引力因子
入侵检测
Universal gravitation
Clustering
Gravity factor
Intrusion detection