Volume 13 Number 3 (Mar. 2018)
Home > Archive > 2018 > Volume 13 Number 3 (Mar. 2018) >
JSW 2018 Vol.13(3): 192-200 ISSN: 1796-217X
doi: 10.17706/jsw.13.3.192-200

Research on Application of Improved K-means Algorithm in Network Intrusion Detection

Fengling Wang*
Hezhou University, School of Mathematics and Computer Hezhou Guangxi 542899, China

Abstract—In order to solve the problem of network intrusion detection, traditional k-means algorithm in the process of network intrusion detection application, there are some shortcomings, such as sensitivity to the initial value of clustering center, easy to fall into local optimal value, pre-set number of clusters k value, easy to be affected by noise and isolated points, not suitable for the discovery of non-spherical clusters or clusters of large size difference, etc. so that the network intrusion detection accuracy rate is low, high false detection rate. Aiming at the influence of isolated points on the clustering center of k-means algorithm, this paper firstly optimizes the data set itself, removes isolated points, and makes the data set as spherical as possible. For the selection of the initial clustering location, the maximum similarity distance within the class and the minimum similarity distance between classes are used to dynamically generate new classes, and then the data sets are merged into several classes according to the point density, and the unreasonable clusters are split by combining the minimum support tree clustering algorithm, so that the performance of the intrusion detection system is effectively improved. simulation results show that the improved k-means clustering algorithm is used in the network intrusion detection system to improve the detection rate of anomaly detection, reduce the false detection rate, and provide an effective reference for network detection optimization.

Index Terms—Intrusion detection; clustering analysis; k-means algorithm; minimum support tree.


Cite: Fengling Wang, "Research on Application of Improved K-means Algorithm in Network Intrusion Detection," Journal of Software vol. 13, no. 3, pp. 192-200, 2018.

General Information

ISSN: 1796-217X (Online)
Frequency:  Bimonthly (Since 2020)
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, Google Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsw@iap.org
  • Apr 26, 2021 News!

    Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec)     [Click]

  • Jun 22, 2020 News!

    Papers published in JSW Vol 14, No 1- Vol 15 No 4 have been indexed by DBLP     [Click]

  • Sep 13, 2021 News!

    The papers published in Vol 16, No 6 have all received dois from Crossref    [Click]

  • Jan 28, 2021 News!

    [CFP] 2021 the annual meeting of JSW Editorial Board, ICCSM 2021, will be held in Rome, Italy, July 21-23, 2021   [Click]

  • Sep 13, 2021 News!

    Vol 16, No 6 has been published with online version     [Click]