Research And Application Of Affinity Propagation Clustering Based Outlier Detection In Intrusion Detection

In recent years,data mining in many directions have made big break,and in the field of intrusion detection has also made many results.However,most of the algorithms studied only for the general pattern of data sets,but at some point it seems that are not consistent with most data patterns and behaviors in the data set also have very important research values.These points are called an outlier,and the cluster of small number of outliers is called outlier-cluster.In data mining,the use of some algorithms to divide the data set out of these outliers or out-of-cluster method is called outlier detection.In a network environment,intrusion is usually a very small part of the behavior of the network,so it is essentially an outlier.Therefore,this feature provides the theoretical and practical significance for the application of outlier detection to intrusion detection.In this paper,we mainly study the application of outlier detection algorithm based on affinity propagation clusting in intrusion detection,and introduce and analyze the commonly used outlier detection algorithm at home and abroad,and make a detailed introduction to the affinity propagation algorithm.It is proved that the algorithm is applied to the feasibility of outlier detection,and an affinity propagation clustering based outlier detection is proposed.And the intrusion detection algorithm model and process based on outlier detection are designed.The data set is clustered by AP algorithm and the outlier exponent is calculated.The validity of the proposed algorithm is verified by some experiments.The main work of this paper is as follows:(1)In-depth study of outlier detection technology,analysis of the status of outlier detection technology,detailed description of the various methods of outlier detection technology,and analysis of the advantages and disadvantages of these methods.(2)A detailed description of the affinity propagation clustering algorithm is proposed.According to the characteristics of the affinity propagation algorithm and the characteristics and environment of the outlier detection,the feasibility of the affinity propagation algorithm applied to the outlier detection is verified,then put forward ODAP algorithm.(3)In-depth study of the intrusion detection technology,and put forward model and process through the detection of intrusion detection based on the outlier detection.(4)The outlier detection algorithm based on neighbor propagation is designed to apply to the intrusion detection experiment program.The network intrusion detection data set KDD CUP 99 is studied and analyzed,and the algorithm and data set are used to experiment and verify the effect of the algorithm.