摘要
传统K-means算法应用于入侵检测,存在聚类数目难以估计的缺点,导致入侵检测效果不佳。针对这个问题,提出了一种改进的K-means入侵检测算法。算法根据有效性指标确定最优的聚类数目;依据各维特征对聚类效果的影响进行加权;引入三支决策聚类方法改善聚类效果。在kddcup99数据集的实验结果表明,与传统K-means算法相比,改进后的K-means算法提高了入侵检测的检测率,降低了其误报率。
The traditional K-means algorithm has applied in intrusion detection,but it has the disadvantage that the number of clusters is difficult to estimate,which results in poor intrusion detection effect.To solve this problem,an improved K-means algo⁃rithm is proposed.In this paper,the optimal number of clusters is obtained by the validity index,and considering the different influ⁃ences of each dimension on the clustering,features is weighted.Three-way decision clustering method is introduced to improve the clustering effect.Experimental results on the kddcup99 dataset show that the improved K-means algorithm improves the detection rate of intrusion detection and reduces its false positive rate compared with the traditional one.
作者
季赛花
黄树成
JI Saihua;HUANG Shucheng(School of Computer,Jiangsu University of Science and Technology,Zhenjiang 212003)
出处
《计算机与数字工程》
2021年第11期2184-2188,共5页
Computer & Digital Engineering
基金
国家自然科学基金项目“基于鲁棒表现建模的目标跟踪方法研究”(编号:61772244)资助。
