A Parallel Clustering Ensemble Algorithm for Intrusion Detection System
Clustering analysis is a common unsupervised anomaly detection method, and often used in Intrusion Detection System (IDS), which is an important component in the network security. The single cluster algorithm is difficult to get the great effective detection, and then a new cluster algorithm based on evidence accumulation is born. The IDS with clustering ensemble has a low false positive rate and high detection rate, however, the IDS is slow to detect the mass data stream, and it can not detect the attacks in time. This paper presents a parallel clustering ensemble algorithm to improve the speed and the effective of the system. Finally, the KDDCUP99 data set is used to test the system show that the IDS have greatly improvement in time and efficiency.
component Parallel Clustering Ensemble Intrusion Detection System Evidence Accumulation
Hongwei Gao Dingju Zhu Xiaomin Wang
Cloud Computing Lab Shenzhen Institutes of Advanced Technology, Chinese Academy of Science Shenzhen, Computer and Software Institute Shenzhen University Shenzhen, China
国际会议
香港
英文
450-453
2010-08-12(万方平台首次上网日期,不代表论文的发表时间)