A Network Intrusion Detection Method based on K-Means
Conference: CIBDA 2022 - 3rd International Conference on Computer Information and Big Data Applications
03/25/2022 - 03/27/2022 at Wuhan, China
Proceedings: CIBDA 2022
Pages: 5Language: englishTyp: PDF
Authors:
Fang, Mingyang; Liu, Feng (School of Computer Science and Technology, Anhui University, Hefei, Anhui, China)
Abstract:
With the continuous development of computer technology and the expansion of network scale, intrusion has become more and more serious threats to the security of computer systems and networks. An intrusion is an unauthorized and deliberate attempt to access information, tamper with it, and make the system unreliable or unusable. For illegal intrusion behavior, we propose an unsupervised anomaly detection method, which combines clustering analysis method with intrusion detection technology, and uses K-Means algorithm to cluster unlabeled data, so as to provide as pure normal behavior data as possible for establishing normal behavior model. In the process of modeling, a new normal behavior modeling algorithm based on hyperrectangle is proposed, which is helpful to detect intrusion behaviors quickly and accurately. Experiments on KDDcup99 dataset show that this method can effectively detect intrusion behaviors in network data, with high detection rate and low false detection rate.