[1]陈健美,宋顺林,陆虎,等.改进模糊聚类算法及其在入侵检测中的应用[J].东南大学学报(自然科学版),2007,37(4):589-592.[doi:10.3969/j.issn.1001-0505.2007.04.009]
 Chen Jianmei,Song Shunlin,Lu Hu,et al.Improved fuzzy clustering algorithm and its application to intrusion detection[J].Journal of Southeast University (Natural Science Edition),2007,37(4):589-592.[doi:10.3969/j.issn.1001-0505.2007.04.009]
点击复制

改进模糊聚类算法及其在入侵检测中的应用()
分享到:

《东南大学学报(自然科学版)》[ISSN:1001-0505/CN:32-1178/N]

卷:
37
期数:
2007年第4期
页码:
589-592
栏目:
计算机科学与工程
出版日期:
2007-07-20

文章信息/Info

Title:
Improved fuzzy clustering algorithm and its application to intrusion detection
作者:
陈健美 宋顺林 陆虎 宋余庆 朱玉全
江苏大学计算机科学与通信工程学院, 镇江 212013
Author(s):
Chen Jianmei Song Shunlin Lu Hu Song Yuqing Zhu Yuquan
College of Computer Science and Telecommunications Engineering, Jiangsu University, Zhenjiang 212013, China
关键词:
模糊聚类 可能隶属度 不确定性隶属度 入侵检测 检测率
Keywords:
fuzzy clustering possibility membership degree uncertainty membership degree intrusion detection detecting rate
分类号:
TP311
DOI:
10.3969/j.issn.1001-0505.2007.04.009
摘要:
针对将数据集隶属度概率和为1的条件用于模糊性事件时,影响聚类的正确率的情况,在不确定理论的基础上,研究了数据隶属度问题,提出一种新的基于隶属关系不确定的可能性改进模糊聚类算法.该算法在迭代过程中将聚类的可能隶属度与不确定性隶属度引入到目标函数中,使得样本中的元素不局限于仅属于一个聚类,与现有的聚类算法相比具有更好的聚类结果.通过在KDDCUP99数据集上实验,验证了该算法在入侵检测中的检测率为95.8%, 分别高于K-均值算法的检测率(60.4%)和FCM算法的检测率(64.6%).
Abstract:
Since the condition that the sum of possible membership degree of data set is 1 will make negative effect on the correction ratio of fuzzy clustering in fuzzy events, some research on the membership degree of data is conducted and a new improved fuzzy clustering algorithm using the possibility of uncertainty membership degree is presented on the basis of uncertainty theory. Possible membership degree and uncertainty membership degree are introduced into object functions in iterative processing of this algorithm to make the element sample not longer belong to one cluster only, which leads to more preferable results than current clustering algorithms. Experiments on dataset KDDCUP99 testify that the detection rate of this algorithm is up to 95.8% in intrusion detection, which is better than the rate of K-means(60.4%)and fuzzy C-means(FCM)(64.6%).

参考文献/References:

[1] Portnoy L,Eskin E,Stolfo S J.Intrusion detection with unlabeled data using clustering[C] //Proceedings of ACM CSS Workshop on Data Mining Applied to Security.Philadelphia,PA,2001:123-130.
[2] 罗敏.基于聚类和支持向量机的网络入侵检测研究[D].武汉:武汉大学计算机学院,2003.
[3] 蒋盛益,李庆华.一种基于聚类的有指导的入侵检测方法[J].小型微型计算机系统,2005,26(6):1042-1045.
  Jiang Shengyi,Li Qinghua.Clustering-based and supervised intrusion detection method[J]. Mini-Micro Systems,2005,26(6):1042-1045.(in Chinese)
[4] Zadeh L A.Fuzzy sets[J].Information and Control,1965,8:338-353.
[5] Dunn J C.A fuzzy relative of the ISODATA process and its use in detecting compact well-separated clusters[J].Journal of Cybernetics,1974,3(3):32-57.
[6] Bezdek J C.Fuzzy mathematics in pattern classification[D].New York:Cornell University,1973.
[7] 张敏,于剑.基于划分的模糊聚类算法[J].软件学报,2004,15(6):858-868.
  Zhang Min,Yu Jian.Fuzzy partitional clustering algorithms[J].Journal of Software,2004,15(6):858-868.(in Chinese)
[8] Bezdek J C.Pattern recognition with fuzzy objective function algorithms[M].New York:Plenum Press,1981.
[9] Pal N R,Pal K,Bezdek J C.A new hybrid C-means clustering model[C] //Proceedings of the IEEE International Conference on Fuzzy Systems.Piscataway:IEEE Press,2004,1:179-184.
[10] Pal N R,Pal K,Bezdek J C.A possibilistic fuzzy C-means clustering algorithm[J].IEEE Trans Fuzzy Systems,2005,13(4):517-530.
[11] Timm H,Kruse R.A modification to improve possibilistic fuzzy cluster analysis[C] //The 2002 IEEE International Conference on Fuzzy Systems.Piscataway,2002,2:1460-1465.
[12] Bezdek J C. Pattern recognition with fuzzy objective function algorithms[M].New York:Plenum Press,1981.
[13] The UCI KDD.KDDCUP99 data set[EB/OL].(1999)[2004-10-20].http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.
[14] Lee W K,Stolfo S J,Mok K W.A data mining framework for building intrusion detection models[C] //Proceeding of the 1999 IEEE Symposium on Security and Privacy.Oakland,1999:120-132.
[15] Lee W.A data mining framework for constructing features and models for intrusion detection systems [D].New York:Columbia University,1999.
[16] 王晓峰.基于进化半监督式模糊聚类算法的入侵检测[M].西安:西安电子科技大学出版社,2005.

备注/Memo

备注/Memo:
基金项目: 国家自然科学基金资助项目(60572112)、江苏省软件与集成电路专项基金资助项目([2005]196).
作者简介: 陈健美(1962—),女,博士生; 宋顺林(联系人),男,教授,博士生导师,songsl@ujs.edu.cn.
更新日期/Last Update: 2007-07-20