| Intrusion detection is one of the most important part of network security mechanism. Usually most practical Intrusion Detection Systems (IDSs) in existence only compare the audit data with the attack pattern database, and find the actions in collision with security strategy. But Intrusion Detection (ID) also needs data mining methods to discover the more complex and hidden attack behaviors in audit data. Traditionally, we used C-means method, clusters similar data instances together into clusters and distance metrics are used on clusters to determine what is an anomaly. But there is some disadvantages in this method, such as the results of the cluster is sensitive to the data input sequence, furthermore, it is a local optimum algorithm. Farther research is done to deal with the problem above, and the corresponding solutions are given.1. Intrusion detection method based on immune fuzzy C-means clustering algorithm is presented .2. Clone principle is led into evolutionary computing, and a hybrid algorithm is combining antibody clone strategy with fuzzy C-means clustering method is given. It is used in intrusion detection.Immune clone strategy is introduced into C-Means algorithm, which can effectively tackle those problems of nonstability, slow convergence and nonideal clustering that exist in IDS with the traditional C-means. The experimental results reveal that the system can detect variety of unknown abnormal intrusions, and demonstrate that our combined clustering algorithm has good performance.
|
PDF Full Text Request