计算机应用 ›› 2011, Vol. 31 ›› Issue (07): 1898-1900.DOI: 10.3724/SP.J.1087.2011.01898

• 信息安全 • 上一篇    下一篇

基于图聚类的入侵检测算法研究

王国辉,林果园   

  1. 中国矿业大学 计算机科学与技术学院,江苏 徐州 221116
  • 收稿日期:2011-01-13 修回日期:2011-03-03 发布日期:2011-07-01 出版日期:2011-07-01
  • 通讯作者: 王国辉
  • 基金资助:

    江苏省自然科学基金项目;中国矿业大学青年科技基金项目

Intrusion detection method based on graph clustering algorithm

Guo-hui WANG,Guo-yuan LIN   

  1. School of Computer Science and Technology, China University of Mining and Technology, Xuzhou Jiangsu 221116,China
  • Received:2011-01-13 Revised:2011-03-03 Online:2011-07-01 Published:2011-07-01
  • Contact: Guo-hui WANG

摘要: 针对当前聚类算法仅依赖于初始聚类中心并且无法精确区别非凹形状类的不足,现将图学习知识应用到聚类算法中,提出了一种基于图聚类的入侵检测算法P-BFS。为得到较准确的分类模型,算法中引入了一种基于逼近函数的相似性度量方法。实验结果论证了图聚类思想应用于入侵检测系统的优越性;同时表明了,与K-means聚类算法相比,P-BFS图聚类算法具有较高的性能。

关键词: 入侵检测, 聚类分析, 图聚类, 逼近函数, 聚类熵

Abstract: Concerning the defects of the current clustering algorithm for its dependence only on the initial clustering center and failure in exactly distinguishing classes of non-concave shape, this paper applied the knowledge of group learning into the clustering algorithm and proposed the anomaly intrusion detection algorithm P-BFS based on graph clustering. In order to obtain more correct classification model, this algorithm introduced a measurement method of data points similarity based on the approximate function. The experimental results suggest the advantages of the application of the graph clustering algorithm in the intrusion detection system. In addition, it indicates that compared with the classical K-means clustering algorithm, P-BFS has better performance.

Key words: intrusion detection, clustering analysis, graph clustering, approximate function, clustering entropy

中图分类号: