Computer Science ›› 2017, Vol. 44 ›› Issue (5): 116-119. doi: 10.11896/j.issn.1002-137X.2017.05.021
尹娜,张琳
YIN Na and ZHANG Lin
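Abstract: To raise the detection rate of anomaly detection systems, lower the false alarm rate, and address the problems of existing anomaly detection, outlier mining is applied to anomaly detection, and an anomaly detection method based on a hybrid clustering algorithm (NADHC) is proposed. The method combines a distance-based clustering algorithm with a density-based clustering algorithm to form a new hybrid clustering algorithm. The k-medoids algorithm is used to find the cluster centers, and a small number of highly concealed attack-behavior samples are then removed. Next, a method of repeatedly adding samples is combined with the density-based clustering algorithm to compute an anomaly degree, from which anomalous behavior is identified. Finally, simulation experiments on the KDD CUP 99 dataset verify the feasibility and effectiveness of the proposed algorithm.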