摘要
针对异常入侵检测技术中传统聚类方法需要被检测类大小均衡的问题,在商空间粒度理论的基础上,论述了商空间粒度变换可以使复杂问题在不同的粒度世界求解,最终使整个问题得到简化。分析了商空间划分与聚类操作的相似性,提出了基于商空间的粒度聚类方法。将该方法与入侵检测技术相结合,构建了基于商空间粒度聚类的入侵检测系统,用于对KDD CUP 1999数据集的异常入侵检测,实验结果表明该入侵检测系统的性能明显优于基于传统聚类方法的入侵检测系统,从而证明了该方法的正确性和有效性。
In view of the equilibrium detection class issue that traditional clustering methods requires in anomaly intrusion detection technology,we argue in this paper based on the quotient space granularity theory that the quotient space granularity transformation is able to solve complex problem in different granularity world,which at last results in simplifying the whole problem.Then we analyze the similarity of the quotient space division and the clustering operation and put forward the method of granularity clustering based on quotient space.Moreover,by combining the method with intrusion detection technology,we establish the intrusion detection system which is based on quotient space granularity clustering and used for anomaly detection of the KDD CUP 1999 data sets.Experimental results show that the intrusion detection system evidently outperforms other systems based on traditional clustering method.All these prove the correctness and effectiveness of the method.
出处
《计算机应用与软件》
CSCD
2011年第1期127-129,156,共4页
Computer Applications and Software
基金
山西省自然科学基金项目(2007011042)
中北大学青年科学基金项目(2008)
关键词
商空间
粒度计算
聚类
异常入侵检测
Quotient space Granularity computing Clustering Anomaly intrusion detection