Construction of Automatic Intrusion Detection Model Using K-means Algorithm Based on Novel Cuckoo Search Optimization

doi:10.3969/j.issn.1006-2475.2017.11.018

Abstract

Abstract: In consideration of the shortcomings of traditional K-means clustering algorithm, such as poor global search ability and artificial initial cluster number, an intrusion detection system using adaptive K-means algorithm optimized by novel Cuckoo Search algorithm (NCS-AKM) was proposed. In order to increase the diversity of CS algorithm, a similar differential evolution strategy was introduced to complete the individual variation. The KDD Cup99 dataset was applied to rebuild the training data and the four-phase testing data where a new attack was introduced respectively in third and fourth phase. The experiment indicates that NCS-AKM system is sensitive to new attacks, obtaining satisfied detection performance as well as convincing clustering result, and the overall detection rate of four attacks is as high as 83.4% (range:70.8%~89.9%), while the false positive rate is 6.3% (range: 3.0%~11.5%).

Key words: cuckoo search (CS) algorithm, K-means, intrusion online detection, automatic clusters number, differential evolution

CLC Number:

TP393.08

WEI Wan-yun. Construction of Automatic Intrusion Detection Model Using K-means Algorithm Based on Novel Cuckoo Search Optimization[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2017.11.018.

References

[1] Liao Hung-Jen, Lin Chun-Hung R, Lin Ying-Chih, et al. Intrusion detection system: A comprehensive review[J]. Journal of Network and Computer Applications, 2013,36(1):16-24.

[2] 李涵,包立辉. 基于聚类算法的异常入侵检测模型的研究与实现[J]. 计算机应用与软件, 2006,23(10):126-127.

[3] Marimuthu A, Shanmugam A. Intelligent progression for anomaly intrusion detection[C]// Proceedings of the 6th International Symposium on Applied Machine Intelligence and Informatics. 2008:261-265.

[4] 谷保平,许孝元,郭红艳. 基于粒子群优化的k均值算法在网络入侵检测中的应用[J]. 计算机应用, 2007,27(6):1368-1370.

[5] 肖立中,刘云翔,陈丽琼.基于改进粒子群的加速K均值算法在入侵检测中的研究[J]. 系统仿真学报, 2014,26(8):1652-1657.

[6] 袁芳芳. 人工鱼群和K均值算法相融合的网络入侵检测[J]. 计算机仿真, 2013,30(9):274-277.

[7] 胡艳维,秦拯,张忠志. 基于模拟退火与K均值聚类的入侵检测算法[J]. 计算机科学, 2010,37(6):122-124.

[8] Yang Xin-She, Deb S. Cuckoo search via Lévy flights[C]// Proceedings of the 2009 World Congress on Nature and Biologically Inspired Computing. 2009:210-214.

[9] Yang Xin-She, Deb S. Cuckoo search: Recent advances and applications[J]. Neural Computing and Applications, 2014,24(1):169-174.

[10] 王勇,唐靖,饶勤菲,等. 高效率的K-means最佳聚类数确定算法[J]. 计算机应用, 2014,34(5):1331-1335.

[11] 钱伟懿,候慧超,姜守勇. 一种新的自适应布谷鸟搜索算法[J]. 计算机科学, 2014,41(7):279-282.

[12] 肖辉辉,段艳明. 基于差分进化的布谷鸟搜索算法[J]. 计算机应用, 2014,34(6):1631-1635.

[13] UCI. KDD Cup 1999 Data[DB/OL]. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html, 1999-10-28.

[14] 冯莹莹,余世干,刘辉. KNN-IPSO选择特征的网络入侵检测[J]. 计算机工程与应用, 2014,50(17):95-99.

[15] 黄会群,孙虹. 粒子群选择特征和信息增益确定特征权值的入侵检测[J]. 计算机应用, 2014,34(6):1686-1688.