Research On K Means Clustering Algorithm Based On Modified DE Algorithm In Intrusion Detection

Nowadays, the pace of the Internet technology continues to move forward, the site has been threatened by more and more people's attention. Website security is not only a technical matters, but also it will influence the safety and constancy of the world. In many of the website safety technology, IDS stand out, it is technology analysis of the site collection of important information, to distinguish whether is normal or intrusion behavior, IDS is one of on site detection, analysis, alarm active security defense system.The function of IDS is to detect the behavior of the website and distinguish the intrusion event, it can divide the data of the website behavior. IDS divides the data into two groups:normal and abnormal data, the abnormal behavior of the judgment that the intrusion detection. IDS has a quickly and effectively explore all kinds of intrusion behaviors, every moment to protect the security of network system and resources, through active defense became a firewall is a good helper, until today IDs have been playing more and more important role in web security.Our study work of this article can be seen as below:the beginning of this paper, first of all, the relevant aspects of the intrusion detection system research, and then introduces the knowledge and the concept of clustering analysis. In the clustering algorithm, this paper chooses the K-means processing base of intrusion detection data, and the clustering results are affected by the initial clustering centers using differential evolution (referred to as DE) algorithm to the majorization. In the DE algorithm, this study has two improvements:on the one hand is the improvement of algorithm parameters of CR?F all adopt a dynamic, another algorithm fusion characteristics of chaos optimization algorithm, the chaos initialization and evolution stage of the best individual chaotic search calendar over optimization. In the experimental stage, Firstly, the data of intrusion detection data were processed by PCA and other methods. Secondly, the corresponding intrusion detection model is established based on the improved algorithm CDE-K-means algorithm. And using MATLAB programming to achieve the detection of the model on the KDD99 data, experimental data results showed, In this paper, the optimization of the K- mean clustering algorithm has played a very good result, to improve the detection ability of K-means, the problem of excessive dependence on initial cluster centers is improved. In view of the K-means algorithm can not be qualified for large data volume clustering problem, the author built more popular in recent years the Hadoop distributed system and in the system with mahout data mining tool to realize the extraction of data distributed K-means clustering algorithm, and the transmission of traditional stand-alone K-means algorithm in time were compared and analyzed.