| The rapid growth of Information technology nowadays makes people’s daily life quite convenient. On one hand, it becomes easy to share many kinds of information resources to a great extend depending on the open characteristic which the interconnection and interworking Internet has, the Internet creates and expands ways to share resources. On the other hand, although humans rely on information management and handling more and more in different fields such as politics, military affairs, economy and industry, yet information security on the Internet is facing serious threats gradually caused by not paying enough attention to the security issues on the design of the information networks from the word go. Today information security has become a serious problem impacting on society, the people’s livelihood and even the national security. To deal with the threat on the information security, some passive means of security defense such as encryption, firewall, and redundant technique and so on, which can only solve part of the security problem has been brought in. But these means are lack of initiative protection of the information system due to its fundamental property of passive defense, when facing the complex and updated attacks. To enhance the ability of initiative defense for the information system, intrusion detection is brought in as an initiative defense technique to strongly complement the passive defense techniques. Intrusion detection has become an important research area on the information networks’ security.Data mining has been widely used in intrusion detecting for its capability of extracting useful knowledge from the massive data sets and it can improve the final result of the intrusion detecting system quite a lot. The intrusion detection model based on the fuzzy clustering analysis technique can handle the intrusion data neatly and efficiently and fuzzy clustering has strong ability to detect unknown attacks. But the algorithm still has obvious defects, so it’s necessary to make it better to use. The main work of this paper is to analyze and improve the fuzzy clustering algorithm applying to intrusion detection.In this paper, first, start from the traditional fuzzy c-means(FCM) algorithm. When traditional FCM algorithm is easy to get locally optimal solution by randomly selecting the initial cluster center and the amount of calculation of the distance between objects and cluster center in each iteration, this paper proposes two improvement schemes, one is using point density based the maximum and minimum distance method to choose better initial cluster centers; the other is dynamically fasten cluster centers during iteration. Second, import Na?ve Bayes Classification to form intrusion detection module with the modified FCM algorithm, aiming at improving detecting rate and reducing false alarm rate. Last, make simulation experiments in two aspect, one is making simulation experiments on the modified FCM and traditional FCM using different kinds of data sets to show the modified FCM is better, the other is using KDD CUP99 data set to test the combination of modified FCM and Na?ve Bayes Classification based intrusion detection module, and the result shows this module works better on detecting rate and false alarm rate. |
PDF Full Text Request