Research On Intrusion Detection Based On Fuzzy Clustering

With the rapid development of Internet technology,people's work,study,life is more convenient,but at the same time network security problems are also increasingly serious,the traditional firewall and other static means of defense has been unable to effectively protect the network.Intrusion detection is a proactive means of defense that can detect system and network data in real time,detect intrusions in a timely manner,and respond to intrusions according to security policies.Clustering-based intrusion detection algorithms have low quality requirements for training data sets,do not require predefined training data labels,and can detect unknown types of attacks,but such algorithms are sensitive to initial parameters and are prone to fall into local optimization,which affects the effectiveness of the clustering algorithm and the accuracy of intrusion detection.In this dissertation,a detailed analysis of the intrusion detection and clustering algorithm is performed,On this basis,a firefly fuzzy clustering algorithm based on Levy flight is proposed and applied to intrusion detection.The main contents of this dissertation are:(1)Fuzzy C-Means clustering algorithm is sensitive to the initial clustering center and is easy to fall into local optimization.Therefore,a Firefly Fuzzy C-Means clustering Algorithm based on Levy flight(LFAFCM)was proposed.The algorithm changes the random movement strategy of the firefly algorithm,using the Levy flight mechanism to balance the algorithm's local search and global search capabilities.Dynamically adjusting the firefly scale factor based on the number of iterations and firefly location,limiting the searchable range of the Levy flight and speeding up the algorithm convergence.The validity of the algorithm was verified with five UCI data sets.(2)A feature selection algorithm based on information gain and Markov blanket is proposed to address the problem that data in intrusion detection contains many redundant and irrelevant features,which leads to consuming a lot of resources,increasing algorithm training time and even reducing intrusion detection accuracy.(3)The LFAFCM-based intrusion detection algorithm is proposed by applying the feature selection algorithm and LFAFCM to intrusion detection.The feature sets with high correlation and low redundancy are first screened from the intrusion detection dataset,and then a behavioral pattern library is constructed using the clustering algorithm to determine whether an intrusion has occurred by comparing the data with the behavioral pattern library.(4)Using the KDD CUP99 intrusion detection data set,the effectiveness of the proposed LFAFCM-based intrusion detection algorithm is validated and compared with FCM-based intrusion detection,K-Means-based intrusion detection,and other algorithms.The experimental results show that the LFAFCM-based intrusion detection algorithm can effectively detect anomalous data with a high detection rate.