| With the rapid development of hardware technologies, the speed of network has become faster and faster. People can get more information what the forms changed from static to dynamic. The intrusion detection faced new challenge, it must improve the ability of processing the large and dynamic data sets, recognizing action of the invasion, identifying unknown attacks. Since the data mining technology can mined data model which people needed from the vast amounts data sets. So in recent years, people are very interested in the research of the combined of data mining and intrusion detection. Clustering algorithm has always been an important aspect of data mining research, the algorithm based on density and grid clustering has become research hotspot. Because the algorithm can handle arbitrary shape clusters, subject to noise is small, the data processing capability independent of the data size and so on,we put the algorithm applied to intrusion detection system.In this paper, at fist, we summarized on the main research of the intrusion detection system, data mining and clustering. Then we probe into the typical algorithm CLIQUE and improve it for achieving a better clustering results. One this basis, we posed the data stream clustering algorithm based on density and grid, it can be better applied to the data stream environment.At last, through established an incremental clustering modules, which including an on-line part to cluster and an off-line part to analysis, completed the database update and improved the detection rate of known and unknown invasion. The experiment result on KDDCUP99 showed that the proposed intrusion detection algorithm had better performance, adapt to the network data analysis requirements.Figure [9] table [9] reference [38]... |
PDF Full Text Request