A heuristic clustering algorithm for intrusion detection based on information entropy

Wuhan University Journal of Natural Sciences

Abstract

This paper studies the clustering problem for intrusion detection using the theory of information entropy. It puts forward that the clustering problem for exact intrusion detection based on information entropy is NP-complete; a heuristic algorithm is therefore designed to solve the clustering problem for intrusion detection. The algorithm is incremental, and it can deal with large databases of connection records from the Internet.

Additional information

Foundation item: Supported by the National Natural Science Foundation of China (660273075)

Biography: XIONG Jiajun (1961-), male, Professor, Ph. D., research direction: information security.

About this article

Cite this article

Jiajun, X., Qinghua, L. & Jing, T. A heuristic clustering algorithm for intrusion detection based on information entropy. Wuhan Univ. J. Nat. Sci. 11, 355–359 (2006). https://doi.org/10.1007/BF02832121

  • DOI: https://doi.org/10.1007/BF02832121
