摘要
传统的入侵检测方法在面对多变的网络结构时缺乏可扩展性,而且在未知的攻击类型面前也缺乏适应性。因此,提出一种新的检测方法———基于遗传聚类的网络异常检测(NAIDGC)算法。对聚类中心采用二进制编码,把每一个点到它们各自的聚类中心的欧几里得距离的总和作为相似度量,通过遗传算法寻找聚类中心。计算机仿真结果显示了此算法对入侵检测是有效的。
Traditional intrusion detection methods lack extensibility in face of changing network configurations as well as adaptability in face of unknown attack type. Therefore, a new detection algorithm, the Network Anomaly Intrusion Detection based on Genetic Clustering (NAIDGC) algorithm is proposed in this paper. The cluster centers are binary encoded. The sum of the Euclidean distances of the points from their respective cluster centers is adopted as the similarity metric. The near optimal cluster centers are chosen by the genetic algorithm. Computer simulations show that this algorithm is effective for intrusion detection.
出处
《计算机应用与软件》
CSCD
北大核心
2006年第9期24-25,88,共3页
Computer Applications and Software
基金
国家自然科学基金项目(60374042)
关键词
入侵检测
异常检测
遗传算法
遗传聚类算法
Intrusion detection Anomaly detection Genetic algorithms Genetic clustering algorithms