Title :
Research of K-MEANS Algorithm Based on Information Entropy in Anomaly Detection
Author_Institution :
Sch. of Appl. Sci., Beijing Inf. Sci. & Technol. Univ., Beijing, China
Abstract :
Anomaly detection is a vital component of Intrusion Detection system. The anomaly detection approaches can be classified into semi-supervised and unsupervised anomaly detection. Unsupervised anomaly detection technique is the mainly approaches establish the profile of normal behavior with unlabeled training data that consists of both normal as well as anomalous samples. This paper uses the unsupervised K-MEANS algorithm to model and detect anomaly activities. The aim is to improve the detection rate and decrease the false alarm rate. A K-MEANS algorithm based on information entropy (KMIE) is proposed to detect anomaly activities. KMIE can filter the outliers on the dataset to reduce the negative impact, and indentify the initial cluster centers using entropy method. Then, KMIE can use these centers to iterative calculate and classify records into different clusters. This paper uses KDD CUP 1999 dataset to test the performance of KMIE algorithm. The results show that our method has a higher detection rate and a lower false alarm rate, it achieves expectant aim.
Keywords :
entropy; security of data; KMIE algorithm; anomalous sample; anomaly activity detection; anomaly detection rate; false alarm rate; information entropy method; intrusion detection system; semisupervised; unlabeled training data; unsupervised K-MEANS algorithm; unsupervised anomaly detection; Algorithm design and analysis; Classification algorithms; Clustering algorithms; Computer crime; Entropy; Information entropy; Intrusion detection; Anomaly Detection; Clustering Analysis; Information Entropy; K-MEANS;
Conference_Titel :
Multimedia Information Networking and Security (MINES), 2012 Fourth International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4673-3093-0
DOI :
10.1109/MINES.2012.169
