The Intrusion Detection technology is a new security technology, apart from traditional security protecting technology, such as firewall and data encryption. It monitors the computer or network and reacts to the vicious intrusion or suspicious activities. It has become more and more important.The class of the Intrusion Detection technology, common detection method and work theory was discussed firstly. Then the main problems of the present IDS and the developing trend were analyzed, indicating that the study of new detection algorithm is one of main developing aim.This paper proposed a method that applys an evolutionary semi-supervised fuzzy clustering (ESSFC) algorithm to intrusion detection system (IDS). This algorithm requires a small number of labeled data only and a large number of unlabeled data. It is well suited for the status quo that gained labeled data difficultly and gained unlabeled data easy by some instruments. This algorithm can deal with fuzzy label and uneasily get into locally optima. Real-valued function optimization, in which the optimization surface is "rugged" or processes many locally optima, and is well suited for ESSFC algorithm. Moreover, ESSFC algorithm is able to exhibit parallelism, and is suited to implement on massively parallel architecture. The classifier produced by ESSFC algorithm classifies the intrusion data, which is easy to handle, calculates a few and has high detection efficiency. Therefore, it is well suited for application.Experimental results indicate that the IDS based on ESSFC algorithm can improve classification accuracy more significantly than the one based on fuzzy c-means algorithm. It takes the advantage of a small number of labeled data that is based on support vector machines algorithm. In conclusion, the IDS algorithm based on ESSFC is a good algorithm.
|