关键词: 入侵检测, 异常检测, 聚类分析, K-means算法, DBSCAN算法

Abstract: High efficiency of the algorithm is the key if Clustering Algorithm is applied to anomaly detecttion. In order to improve anomaly detection, this thesis advanced a new clustering algorithm that deals with the net data partially by real-time processing, improving and integrating the DBSCAN Algorithm and K-means Algorithm. It is proved in experiments that the new Algorithm can improve the detection rate, reduce the false positive rate and enhance the real-time responding ability of the system.

Key words: intrusion detection, anomaly detection, cluster analysis, K-means algorithm, Density-Based Spatial Clustering of Application with Noise (DBSCAN) algorithm