Intrusion Detection Based on Simulated Annealing and K-means Clustering
A novel intrusion detection method is proposed, which combines the simulated annealing (SA) and the K-means clustering. In order to get global optimal cluster, the global optimize ability of S A is used to remedy the local extremum shortcoming of K-means clustering algorithm. With the classified data instances, anomaly data clusters can be easily identified by normal cluster ratio. And then the identified cluster can be used in the detection of intruding action. The experiment in the KDDCUP99 data set indicates that the method has a better detecting effect than traditional K-means algorithm.
Simulated annealing K-means clustering Intrusion detection
Wu Jian
Department of Information Science and Technology, Shandong University of Political Science and Law, Jinan Shandong 250014
国际会议
武汉
英文
1001-1005
2010-06-06(万方平台首次上网日期,不代表论文的发表时间)