Asia-Pacific Network Operations and Management Symposium
DB-Kmeans:An Intrusion Detection Algorithm Based on DBSCAN and K-means
Gangsong Dong, Yi Jin, Shiwen Wang, Wencui Li, Zhuo Tao, ShaoYong Guo,
PDF download (763.8KB)
Recently, with wide use of internet and rapid growth of computer networks, the problem of intrusion detection in network security has become an import issue of concern. In this paper, a new intrusion detection algorithm DB-Kmeans has been introduced which combines K-means with DBSCAN. DB-Kmeans uses a new selection method of initial cluster center in K-means and set the neighborhood radius in DBSCAN to dynamic. Compared to K-means algorithm, it overcomes the shortage of sensitivity to initial centers and reduces the impact of noise points. Compared to DBSCAN algorithm, it reduces the influence of fixed neighborhood radius. The experiments on the NSL-KDD data set indicate that the proposed method is more efficient than that based on MinMax K-means algorithm. Also, the method has higher detection accuracy and lower false alarm rate.