The Application Research Of K-means Clustering Algorithm In Network Intrusion Detection

With the rapid development of computer technology, the network security has become an important guarantee for social development, most of the technical development relying on the network security support, therefore, cyber source sharing hand let social information exchange more convenient and faster, while on the other hand, the network safety has a direct influence on the social development of information security problem.Intrusion detection system plays an important part in network security architecture, with the diversification and complication of invasion methods, people require better intrusion detection system.This paper introduces the basic concepts, principles and development problems of intrusion detection, elaborates the principle and process of K-means algorithm, researches and analyzes the existing problems of the K-means algorithm in the intrusion-detection system in application.In view of its sensitivity in the initial value which is so easily to be affected by the isolated point, and the convergence which may result easily to fall into local optimum and other disadvantages, the paper proposes to delete isolated point first, then make the optimized choice of the initial center, and finally improve the algorithm of the method of the removed outliers clustering.This paper proposes intrusion detection model based on clustering, using intrusion detection data sets KDD Cup99in Intrusion Detection Model on the basis of improved K-means algorithm to do the simulation experiment. Experimental results show that: in the mixed data intrusion detection, compared to the traditional K-means algorithm, the improved K-means algorithm can promote the detection rate by4.4%to21.9%, and lower the error rate by0.03%to0.21%;in the single known intrusion data detection, the improved K-means can promote the detection rate by12.3%to20.8%,and lower the error rate by0.08%to0.2%;in the unknown single intrusion data detection, the improved K-means algorithm can promote the detection rate by6%to20%, and lower the error rate by0.1%to0.26%.That proves the improved K-means algorithm has good detection results, thus is much better than the traditional K-means algorithm.