摘要
为提高网络入侵检测系统的入侵识别能力,提出一种基于模糊C均值(FCM)聚类的入侵检测模型。该模型包括数据预处理器、FCM聚类处理器、类中心集更新器和检测系统,可以同时处理数值属性与符号属性。实验结果表明,与其他模型相比,该模型具有较低的误警率和较高的检测率。
This paper introduces Fuzzy C-means(FCM) clustering method,researches the methods of intrusion detection based on clustering analysis,and establishes a new model of network intrusion detection.The new model is included data pre-processor,clustering-component based FCM,Updater of clustering-center,and detection system,and improves the availability of intrusion detection system.Experimental result proves that the model can detect intrusion from the network connection data at a lower system false alarm rate and a higher detection rate.
出处
《计算机工程》
CAS
CSCD
北大核心
2011年第17期96-98,共3页
Computer Engineering
关键词
入侵检测
聚类分析
模糊C均值
欧氏距离
简单匹配系数
intrusion detection
clustering analysis
Fuzzy C-means(FCM)
Euclidean distance
Simple Matching Coefficient(SMC)