Dos Attack Detection Model Based On Improved K-means Algorithm

With the rapid spread of computers and networks,the number and frequency of network attacks has increased dramatically,with denial of service attacks occurring the most and causing the most damage to the network environment.One researcher once compared Dos attacks to a network’s "nuclear weapon":once a large number of bot machines and vulnerable open servers are mobilised in a network,they can devastate any network service.During the first half of 2020,AWS Amazon servers suffered a record-breaking 2.3T DDos malicious attacks.Intrusion detection for denial-of-service attacks has now become the focus of Internet security.In this paper,a Dos attack detection model based on improved K-means algorithm is proposed to detect threats in the network environment.In this paper,the traditional K-means clustering algorithm is improved from two aspects.Firstly,to address the shortcoming that the clustering results of the original K-means algorithm are greatly affected by the initialised centroids,a probabilistic K-means clustering centroid initialisation algorithm is proposed,which assigns a selection probability to the centroid selection object to avoid the clustering centroid spacing being too small,where the selection probability is determined by the value of the measurement function of the selected object,so as to improve the stability and efficiency of the clustering results.Secondly,to address the sensitivity of the K-means clustering algorithm to data dimensionality,this paper explores extending the K-means model in the multidimensional space feature vector dimension,where the model extends the feature vector dimension of the data object to the multidimensional space,and then adjusts the weights of each feature vector to find the optimal solution to compensate for the clustering result distortion caused by too few measurement dimensions and no scaling mechanism of spatial distance.The K-means algorithm for expanding the dimensionality of the eigenvectors with weights improves the clustering accuracy.The multidimensional spatial feature vector clustering results have uncertainty.To address this problem,this paper uses genetic algorithms to perform supervised parameter optimisation of the multidimensional spatial feature vectors until the obtained parameters make the K-means clustering results closer to the true facts.In the process of optimisation the feature space is compressed according to the correlation between the multidimensional feature weights and the clustering results,and feature vectors with positive gain for detecting Dos attacks are obtained to improve the running speed and convergence efficiency of the algorithm.Ultimately,we validate the theory with experiments,and in this paper we improve the clustering accuracy to 96.875%using the NSL-KDD dataset.In addition,we conducted a large number of experiments to compress the feature vector dimensions and obtained the compressed feature vectors through supervised optimisation,and brought them into the test set for K-means clustering.The experiments yielded a clustering accuracy that was not only free of loss and improved from that before compression,but also a much faster convergence rate.A comprehensive analysis of the experimental results shows that the Dos attack detection model based on improved K-means algorithm proposed in this paper achieves better results in detecting Dos attacks.