Using a Clustering Algorithm to Find New Attacks
Detecting New Intrusion Types Using Clustering Algorithm
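Abstract: This paper improves an algorithm that uses clustering to find outliers, and proposes that, when the algorithm is applied to intrusion detection, domain knowledge should be incorporated and the properties of numerical values taken into account, which can improve detection quality. By computing over the attributes of collected network data and finding the outliers among them, the detection system can detect attacks without requiring manually coded and labeled training data. Finally, by comparing several sets of experimental data, a relatively effective detection strategy is proposed.

Abstract: In this paper, we propose a method that uses a clustering algorithm to detect intrusion attacks. Detection precision is improved by taking domain knowledge and the properties of numerical values into account. Through a series of experiments, our algorithm is proved to be efficient.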