Network Intrusion Detection Based on Density Peaks Clustering (cited by: 1)
Abstract: Network security has become an important safeguard for the development of society, and intrusion detection systems play a pivotal role in the network security architecture. Traditional clustering-based network intrusion detection methods require the number of clusters to be set in advance and cannot handle noisy data. However, the network behavior records collected by an intrusion detection system are highly random, and the number and shape of their clusters are difficult to determine beforehand, so more robust clustering methods are needed for intrusion detection. This paper proposes a network intrusion detection method based on density peaks clustering. The method exploits the advantages of the density peaks clustering algorithm: it requires no iteration, is robust to its parameters, and obtains the number of clusters automatically. It also handles noisy data and the network behavior records collected by intrusion detection systems well, and mines more effective intrusion information. Finally, experiments on the KDD CUP 1999 data set verify the effectiveness and accuracy of the proposed method.
Author: DU Shuying (杜淑颖) (School of Information Management, Xuzhou Vocational College of Bioengineering, Xuzhou, Jiangsu 221000; School of Computer Science and Technology, China University of Mining and Technology, Xuzhou, Jiangsu 221116)
Source: Software (《软件》), 2022, No. 6, pp. 40-46 (7 pages)
Funding: Supported by the "Qing Lan Project" of Jiangsu universities; High-end Training Funding Project for Professional Leaders of Higher Vocational Colleges in Jiangsu Province (2021GRFX074).
Keywords: clustering; density peaks clustering; network security; intrusion detection