An Adaptive Clustering Algorithm for Intrusion Detection

In this paper, we introduce an adaptive clustering algorithm for intrusion detection based on wavecluster which was introduced by Gholamhosein in 1999 and used with success in image processing. Because of the non-stationary characteristic of network traffic, we extend and develop an adaptive wavecluster algorithm for intrusion detection. Using the multiresolution property of wavelet transforms, we can effectively identify arbitrarily shaped clusters at different scales and degrees of detail, moreover, applying wavelet transform removes the noise from the original feature space and make more accurate cluster found. Experimental results on KDD-99 intrusion detection dataset show the efficiency and accuracy of this algorithm. A detection rate above 96% and a false alarm rate below 3% are achieved. The time complexity of the adaptive wavecluster algorithm is O(N) ,which is comparatively low than other algorithm