Application And Research On Intrusion Detection System Based On Improved K-means Algorithm

With the continuous development of network technology and Internet users continues to increase, people benefit from the convenience of the Internet, at the same time, computer and network security protection system problems are more and more prominent. Network security is becoming increasingly important. The current network security technologies such as firewalls, message encryption as the first line of defense can not effectively stop the invasion from the network. Network attacks become more and more common and attack methods are becoming more and more complicated, intrusion Detection Technology with the network technology and the development of relevant disciplines becoming more and more mature as network security's second line of defense. It can be on the computer and the network of malicious use of resources to identify and respond to acts not only from external intrusion detection, but also the supervision of the internal users of unauthorized activities.In the context of the study, based on K-means cluster analysis, this paper carried out on the network intrusion detection research. To reduce the error rate and the seizure rate of false positives and improve the quality of goals Intrusion Detection, from the detection rate and false-positive rates of two important indicators, proposed to an improved K-means algorithm related to the main line of detection algorithm, and has done a computer simulation. At the same time, I have proposed a corresponding improvement on the K-means algorithm and preprocessing the data in the existing problems. This paper studies are as follows:From the background of intrusion detection research and development process, I introduced the invasion, intrusion detection and intrusion detection system's basic concepts and principles, I introduced the background of K-means cluster analysis be introduced to the field of intrusion detection, analysis of its starting point, the feasibility study and progress in this area and the related issues.Point to classical K-means algorithm difficult to determine the number of the Cluster Center, I give an algorithm to calculate the number of the Cluster Center. Point to classical K-means algorithm vulnerable to noise and the impact of isolated point defects I have improve the algorithm to reduce the noise and isolated points on the cluster effect. Point to classical K-means algorithm clustering algorithm effect on the heart is heavily dependent on the initial quality of the data input sequence and the shortcoming of the sensitivity, this paper presents a more accurate methord of find K clustering center, thus can be get better delineation effect.This improved K-means algorithm has be applied to the analysis of the data and I presents a real-time intrusion detection model. The simulation results show that: The intrusion detection system based on improved K-means algorithm in this paper reduced the error rate and the seizure rate of false positives and improved the quality of intrusion detection.