Research of Intrusion Detection Based on Clustering Analysis

Author(s): Mingjun Wei, Lichun Xia, Jianguo Jin, Chen Chen
2015, Vol 2015, pp. 1-11
Author(s): Yuhua Zhang, Kun Wang, Min Gao, Zhiyou Ouyang, Siguang Chen

Mobile sensor networks (MSNs), consisting of mobile nodes, are sensitive to network attacks. Intrusion detection system (IDS) is a kind of active network security technology to protect network from attacks. In the data gathering phase of IDS, due to the high-dimension data collected in multidimension space, great pressure has been put on the subsequent data analysis and response phase. Therefore, traditional methods for intrusion detection can no longer be applicable in MSNs. To improve the performance of data analysis, we apply K-means algorithm to high-dimension data clustering analysis. Thus, an improved K-means clustering algorithm based on linear discriminant analysis (LDA) is proposed, called LKM algorithm. In this algorithm, we firstly apply the dimension reduction of LDA to divide the high-dimension data set into 2-dimension data set; then we use K-means algorithm for clustering analysis of the dimension-reduced data. Simulation results show that LKM algorithm shortens the sample feature extraction time and improves the accuracy of K-means clustering algorithm, both of which prove that LKM algorithm enhances the performance of high-dimension data analysis and the abnormal detection rate of IDS in MSNs.


2010, Vol 38 (10), pp. 1307-1312
Author(s): Hao-En Chueh, Shun-Chuan Ho, Shih-Peng Chang, Ping-Yu Hsu

In this study we model the sequences and time intervals of online intrusion behaviors. To maintain network security, intrusion detection systems monitor network environments; however, most existing intrusion detection systems produce too many intrusion alerts, causing network managers to investigate many potential intrusions individually to determine their validity. To solve this problem, we combined a clustering analysis of the time intervals of online users' behaviors with a sequential pattern analysis to identify genuine intrusion behaviors. Knowledge of the patterns generated by intruder behaviors can help network managers maintain network security.


2012, Vol 263-266, pp. 3025-3033
Author(s): Yi Lin Zhao, Qing Lei Zhou

Clustering analysis is a typical unsupervised learning technology in data mining, which can improve the efficiency of intrusion detection system. LEGClust cluster algorithm is a new clustering analysis technique and it can effectively find the arbitrary shape clusters hidden in the data. We apply this algorithm to the intrusion detection field and present an intrusion detection method. We introduce the real dissimilarity among data into the determination of data connection relationship. Experiment results on KDD CUP1999 Dataset show that LEGClust algorithm is an effective technique for intrusion detection and the improved LEGClust performs even better.


2020, Vol 44 (4), pp. 660-664
Author(s): W.H. Yang

In order to resist network malicious attacks, this paper briefly introduced the network intrusion detection model and K-means clustering analysis algorithm, improved them, and made a simulation analysis on two clustering analysis algorithms on MATLAB software. The results showed that the improved K-means algorithm could achieve central convergence faster in training, and the mean square deviation of clustering center was smaller than the traditional one in convergence. In the detection of normal and abnormal data, the improved K-means algorithm had higher accuracy and lower false alarm rate and missing report rate. In summary, the improved K-means algorithm can be applied to network intrusion detection.

