Research Of Intrusion Detection Method Based On K-means

With the rapid development of computer technology and network technology,the Internet has entered the millions of households,peop le's way of work and lifestyle are being changed by the Internet.Due to the presence of a variety of valuable personal information and business secrets in the network,a large number of criminals began various attacks on the network and caused incalculable losses,thus the concept of information security has gradually.Firewall,access control,encryption and other static security technologies have been developed to deal with various attacks.Sstatic security technology can only protect information security passively and limited.In order to solve this problem,active security technology based on intrusion detection is developed.Intrusion detection technology dynamically detects attacks by monitoring network traffic data and system audit data,and plays a better complement to the traditional static security technology.The key step of intrusion detection system is to build behavior contour feature library.clustering which is a common method of data analysis and processing analysis is suitable for constructing behavior contour feature database.Cluster analysis can find the internal characteristics and connections of data,and strengthen the ability of intrusion detection system to analyze and process large amounts of data,and improve the detection accuracy.In this paper,we use an improved k-means algorithm to build the feature profile database construct and an intrusion detection system based on hybrid detection model.The improved algorithm overcomes the shortcomings of the traditional K-means algorithm which relies on the input k value,can not deal with discrete features and is easily affected by noise.And the algorithm has better applicability for building the feature contour library.In this paper,we use density based local outlier coefficient method to deal with clustering results and use the method based on the location of cluster centers to detect intrusions.Finally,we use the improved k-means algorithm to build a behavior profile feature library which is based on KDD Cup 99 data sets and to verify the clustering ability of the algorithm and the availability of the intrusion detection system which is based on a hybrid detection model.