摘要
主要就入侵检测系统的检测方法展开研究,分析探讨了聚类算法中K-means算法的优点以及缺点,并针对其主要缺点进行改进。对此,文章结合传统聚类分析的缺点,分别从孤立点的优化和K值的取值上进行优化,并给出了其具体的实现步骤;然后在以上的基础上,对入侵检测系统进行了初步的搭建,并给出了整体框架和主要功能;最后,在改进K-means算法和入侵检测系统构建的基础上,通过试验测试的方式对以上方法进行验证,得到改进后的入侵误报率低,从而为提高入侵检测系统的性能提供了一种新的方法。
This paper mainly studies the detection methods of intrusion detection system, analyzes the advantages and disadvantages of K-means algorithm in clustering algorithm, and improves its main shortcomings. According to the shortcomings of the traditional clustering analysis, the paper optimizes the isolation point and the value of the K value respectively, and gives its specific implementation steps. Then, on the basis of the above, the intrusion detection system is initially built,and the overall framework and main functions are given. Finally, the improvement of the K-means calculation is made. On the basis of the construction of the method and intrusion detection system, the above methods are verified by test and test, and the improved intrusion misinformation rate is low. Thus, a new method is provided to improve the performance of the intrusion detection system.
作者
常刚
罗作民
CHANG Gang;LUO ZUOmin(Shanxi Vocational and Technical College,Xi'an,Shanxi,710038;Institute of Computer Science,Xizhai University of Technology,Xi'an,Shanxi,710038)
出处
《自动化与仪器仪表》
2018年第9期110-113,共4页
Automation & Instrumentation
基金
陕西省教育厅服务地方专项计划项目(17JF023)
西安市科技计划项目(2017080CG/RC043)
关键词
聚类算法
入侵检测
系统设计
孤立点
k值
clustering algorithm
intrusion detection
system design
outlier
K value
