摘要
针对基于无监督聚类的入侵检测需要预先指定初始聚类中心和数目的问题,提出了一种基于仿射传播聚类的入侵检测方法,采用了仿射传播聚类实现入侵检测,将每个数据点都看作潜在的聚类中心,通过信息迭代更新自动决定最后的聚类中心和数目,能够获得准确的聚类结果。在对KDD CUP99数据集的仿真实验中验证了方法的可行性,实验结果表明,相比传统方法能有效提高检测率。
In order to address the issue in intrusion detection approaches based on unsupervised clustering that clustering centers and number have to be pre-defined,this paper proposes an intrusion detection approach based on affinity propagation clustering. This approach regards each data point as potential clustering center to equally and automatically determine final clustering centers and num- ber by updating messages exchanged between data points, and can obtain accurate clustering result. The proposed approach is proved to be feasible by the experiment implemented on KDD CUP99 dataset, and the result of experiment shows that this approach can effectively improve detection rate comparing to traditional clustering approaches.
出处
《无线电工程》
2013年第11期4-7,共4页
Radio Engineering
基金
国家自然科学基金资助项目(61271180)
国家重大科技专项资助项目(2012ZX03001022)
国家物联网专项基金资助项目(物联网无线频谱及通信安全测试服务平台)
关键词
入侵检测
异常检测
数据挖掘
无监督聚类
仿射传播聚类
intrusion detection
anomaly detection
data mining
unsupervised clustering
affinity propagation clustering
