Research And Application Of Cluster-based Outlier Mining In Intrusion Detection

With the meteoric rise of computer network technology, the trend of human development are becoming more and more informationalized, the network security problem also gradually stand out and it makes great attention. As an important part in the computer security field, Intrusion detection plays an important role in the security protection system. In recent years, a large number of data mining technology is widely applied in intrusion detection field, but most of the algorithms is only to do general pattern research in view of the data set. However, in our real life, some data is inconsistent with the dataset of most data activities in every field, these objects are referred to as outliers. Identify outliers detection is in view of the data set small model. Therefore, outliers mining technology to detect intrusion behavior including the unknown intrusion behavior is meaningful and practical significance.This paper mainly studied the outliers mining algorithm based on clustering applied in intrusion detection. At first, it introduced the clustering of outliers mining algorithm in detail and made a research on outliers mining algorithm based on clustering applied in intrusion detection deeply. On the basis of the common intrusion detection model, this paper propose a new intrusion detection model based on outliers mining method. At the same time, it has improved the traditional DBSCAN algorithm, proposed a intrusion detection method which clustering algorithm combined with outlier mining algorithm. The method is to cluster most aggregated data at first and clear it. Then, detect the rest of data by outlier mining algorithm. Through the experiment, it proved that the improved algorithm is higher performance.In this paper, the main work includes:(1) Make a research on intrusion detection technology and Data mining technology is how to apply in Intrusion Detection, analyzed the research status of intrusion detection technology, analyzes the different methods of outliers mining and analyzes the different methods of outliers mining, clustering method to their application in intrusion detection research status and the advantages and disadvantages.(2) Make an analysis of the intrusion detection model in deep, and on the basis of the general intrusion detection model, presents an intrusion detection model for outliers mining algorithm.(3) Make an analysis and research deeply on traditional DBSCAN algorithm, and then to improve it in some means to improve the efficiency of the DBSCAN algorithm. And put forward a kind of intrusion detection algorithm.which clustering algorithm combining to outliers mining algorithm.(4) Make an analysis and research on KDD Cup 99 data set, and to cluster the data set by improved DBSCAN algorithm, then make a pruning, test the result with local outlier mining and test the effect of the algorithm.This paper puts forward a intrusion detection method which improved DBSCAN algorithm combined with local outlier mining algorithm. And to evaluate the algorithm performance from two aspects which is the detection rate and the rate of false positives. The experimental results show that local outliers mining algorithm has good effect for anomaly intrusion detection.