
Wuhan University Journal of Natural Sciences, Volume 11, Issue 2, pp 355–359

A heuristic clustering algorithm for intrusion detection based on information entropy

  • Xiong Jiajun
  • Li Qinghua
  • Tu Jing
Article

Abstract

This paper studies the clustering problem for intrusion detection using the theory of information entropy. It puts forward that the exact clustering problem for intrusion detection based on information entropy is NP-complete; therefore, a heuristic algorithm to solve the clustering problem for intrusion detection is designed. The algorithm is incremental and can deal with databases holding large volumes of connection records from the Internet.

Key words

intrusion detection; data mining; clustering; information entropy

CLC number

TP 393 



Copyright information

© Springer 2006

Authors and Affiliations

  • Xiong Jiajun (1)
  • Li Qinghua (2)
  • Tu Jing (1)
  1. Department of Computer, Radar Academy, Wuhan, Hubei, China
  2. College of Computer Science, Huazhong University of Science and Technology, Wuhan, Hubei, China
