Since the intrusion detection method based on One-Class Support Vector Machine (OCSVM) can not detect internal abnormal points and outliers, which leads to the deviation of decision function from training samples. A new OCSVM anomaly detection function combining DBSCAN (Density-Based Spatial Clustering of Applications with Noise) and K-means was proposed. Firstly, the outliers in the training data were removed by DBSCAN algorithm to eliminate the influence of outliers. Then, K-means clustering method was used to classify normal data clusters, so that the internal abnormal points could be selected. Finally, a one-class classifier for each data cluster was created to detect exception data by OCSVM algorithm. The experimental results on industrial control networks show that the combined classifier can detect the intrusion attacks of the industrial control network by using normal data, and it can improve the detection effect of OCSVM algorithm. In intrusion detection experiment of gas pipeline, the overall detection rate of the proposed method is 91.81%, while the overall detection rate of OCSVM algorithm is 80.77%.