IEEE Transactions on Software Engineering - Special issue on computer security and privacy
OPTICS: ordering points to identify the clustering structure
SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
The X-tree: An Index Structure for High-Dimensional Data
VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
Towards a multiagent-based distributed intrusion detection system using data mining approaches
ADMI'11 Proceedings of the 7th international conference on Agents and Data Mining Interaction
| Hi-index | 0.01 |
Coupled with the explosion of number of the network-oriented applications, intrusion detection as an increasingly popular area is attracting more and more research efforts, especially in anomaly intrusion detection area. Literature shows clustering techniques, like K-means, are very useful methods for the intrusion detection but suffer several major shortcomings, for example the value of K of K-means is particularly unknown, which has great influence on detection ability. In this paper, a heuristic clustering algorithm called G-means is presented for intrusion detection, which is based on density-based clustering and K-means and overcomes the shortcomings of K-means. The results of experiments show that G-means is an effective method for the intrusion detection with the high Detection Rate and the low False Positive Rate, as it can reveal the number of clusters in the dataset and initialize reasonably the cluster centroids, which makes G-means accelerate the convergence and obtain preferable performance than K-means.