Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2005, Vol. 28 ›› Issue (4): 103-106.doi: 10.13190/jbupt.200504.103.xianjq

• Reports • Previous Articles     Next Articles

Anomaly Detection Method Based on CSABased Unsupervised Fuzzy Clustering Algorithm

XIAN Jiqing1,LANG Fenghua2   

  1. 1School of Automation, Chongqing University of Posts and Telecommunications, Chongqing 400065, China; 2School of Computer, Chongqing University of Posts and Telecommunications, Cho ngqing 400065, Chin
  • Online:2005-08-28 Published:2005-08-28

Abstract:

A novel intrusion detection method based on clonal selection algorithm (CSA)based unsupervised fuzzy clustering algorithm was presented for solving the problem of fuzzy kmeans algorithm which is much more sensitive to the initialization and is easy to fall intolocal optimization. With the method, the global optimal clustering with clonal operator which combines the evolutionary search, the global search, the stochastic search and the local search could be quickly obtained, in the mean time, the abnormal network behavior patterns with fuzzy detection algorithm could be detected. The benefit of this algorithm is that it does not need the labeled trainingdata sets and it could detect unknown intrusion. Simulation results show that the method mentioned above will be able to detect unknown intrusions with lower false positive rate and higher detection rate.

Key words: anomaly detection, fuzzy clustering, clonal selection algorithm, unsupervised fuzzy kmeans algorithm

CLC Number: