Volume 13 Number 3 (Mar. 2018)
Home > Archive > 2018 > Volume 13 Number 3 (Mar. 2018) >
JSW 2018 Vol.13(3): 192-200 ISSN: 1796-217X
doi: 10.17706/jsw.13.3.192-200

Research on Application of Improved K-means Algorithm in Network Intrusion Detection

Fengling Wang*

Hezhou University, School of Mathematics and Computer Hezhou Guangxi 542899, China

Abstract—In order to solve the problem of network intrusion detection, traditional k-means algorithm in the process of network intrusion detection application, there are some shortcomings, such as sensitivity to the initial value of clustering center, easy to fall into local optimal value, pre-set number of clusters k value, easy to be affected by noise and isolated points, not suitable for the discovery of non-spherical clusters or clusters of large size difference, etc. so that the network intrusion detection accuracy rate is low, high false detection rate. Aiming at the influence of isolated points on the clustering center of k-means algorithm, this paper firstly optimizes the data set itself, removes isolated points, and makes the data set as spherical as possible. For the selection of the initial clustering location, the maximum similarity distance within the class and the minimum similarity distance between classes are used to dynamically generate new classes, and then the data sets are merged into several classes according to the point density, and the unreasonable clusters are split by combining the minimum support tree clustering algorithm, so that the performance of the intrusion detection system is effectively improved. simulation results show that the improved k-means clustering algorithm is used in the network intrusion detection system to improve the detection rate of anomaly detection, reduce the false detection rate, and provide an effective reference for network detection optimization.

Index Terms—Intrusion detection; clustering analysis; k-means algorithm; minimum support tree.


Cite: Fengling Wang, "Research on Application of Improved K-means Algorithm in Network Intrusion Detection," Journal of Software vol. 13, no. 3, pp. 192-200, 2018.

General Information

ISSN: 1796-217X (Online)
Frequency:  Quarterly
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, CNKIGoogle Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsweditorialoffice@gmail.com
  • Mar 01, 2024 News!

    Vol 19, No 1 has been published with online version    [Click]

  • Jan 04, 2024 News!

    JSW will adopt Article-by-Article Work Flow

  • Apr 01, 2024 News!

    Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec)     [Click]

  • Apr 01, 2024 News!

    Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP   [Click]

  • Nov 02, 2023 News!

    Vol 18, No 4 has been published with online version   [Click]