Hybrid Intrusion Detection Method Based on Improved Bisecting K-means in Cloud Computing
Compared with traditional IT infrastructure, cloud computing system has many new features, such as virtualization and data outsourcing.The new architecture brings about higher resource utilization, and also introduces a number of new security risks.Therefore we need to study new intrusion detection technology suitable to cloud computing environment to address these risks.Aiming at characteristics and security challenges of cloud computing, and based on silhouette coefficient and partitioned clustering subspace method to improve the bisecting K-means unsupervised learning method, this paper proposes a hybrid distributed intrusion detection method capable of detecting both known and unknown attacks simultaneously.The method can obtain the value of initial cluster center more stably, and generate cluster center table of intrusion detection engine, reduce false positive rates and false negative rates of known attacks, achieve unknown attack detection, and accelerate the speed of intrusion detection.At last, it has simulation experiments aimed at this method, and analyzes test results compared with standard K-means algorithm, and shows good practical value of this method.
hybrid intrusion detection cloud computing unsupervised learning bisecting k-means silhouette coefficient
Xinlong Zhao Weishi Zhang
Department of Information Science and Technology Dalian Maritime University Dalian, China
国际会议
武汉
英文
225-230
2016-09-23(万方平台首次上网日期,不代表论文的发表时间)