| The Intrusion Detection technology, a new and active security technology, compensates the defects of traditional protection mechanism system with great effectiveness. But in the face of rapid updated network configurations, the drastic increase of network traffic and many new attack methods, traditional Intrusion Detection System (IDS) has some limitations. The combination of fuzzy cluster and intrusion detecting enables the intrusion detection system to have the ability of self-study and to have a better analyzing on a vast amount of data as well as to enhance the detecting ability and lighten security managers'work. The combination is practical and conforms to the trend of the development of intrusion detection system.This paper studies on the intrusion detection based on fuzzy cluster, analyses the intrusion detection technology, and concludes its developing direction. The main works of this paper are summarized as follows:1. Initialization Method is substituted for the choice of Radom and is used to improve the present FCM algorithm and reduce the false detection.2. Approximated K-median is introduced in the determination of the clusters'center, avoidance of non-clusters and lessening of the influence of Outlier Analysis on fussy clusters.3. A modified Similarity Measure Function, called Dsim( ), is proposed in order to solve the problem of non-contrasting behavior high dimensional space.4. A learning algorithm, called DCFCM, is advanced through the combination of Dsim( ) and Approximated K-median and applied in intrusion detection which solves the problem of sharp border effecting problems and realizes the detection of abnormal incurrence.The result of emulation examinations on KDD CUP 1999[1] indicates the system, greatly increase the detecting speed, the efficiency of intrusion detection, and can detect variety of unknown intrusions. |
PDF Full Text Request