JOURNAL OF SHANDONG UNIVERSITY (ENGINEERING SCIENCE), 2018, Vol. 48, Issue (3): 115-119. doi: 10.6040/j.issn.1672-3961.0.2017.428

A hybrid intrusion detection system based on BFOA and K-means algorithm

XIAO Miaomiao1,2, WEI Benzheng1,2*, YIN Yilong3   

  1. College of Science and Technology, Shandong University of Traditional Chinese Medicine, Jinan 250355, Shandong, China;
    2. Computational Medicine Lab, Shandong University of Traditional Chinese Medicine, Jinan 250355, Shandong, China;
    3. School of Software Engineering, Shandong University, Jinan 250101, Shandong, China
  • Received:2017-05-05 Online:2018-06-20 Published:2017-05-05

Abstract: The K-means algorithm is sensitive to the selection of the initial cluster centers and to the number of clusters K, which makes the clustering results unstable and has a significant impact on the detection results of an intrusion detection system (IDS). To solve this problem, a hybrid intrusion detection algorithm (HIDS) based on the bacterial foraging optimization algorithm (BFOA) and K-means was proposed. The value of K is determined dynamically by a distance threshold method, and BFOA is used to optimize the initial cluster centers so that they are globally optimal, which resolves the instability of the K-means clustering results. In an experimental test on the KDD99 dataset, the detection rate was 98.33%. The experimental results showed that the method could effectively improve the detection rate and reduce the false detection rate.

Key words: intrusion detection, bacterial foraging optimization algorithm, HIDS, K-means algorithm, detection rate

CLC Number: 

  • TP391
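
The pipeline the abstract outlines, as an added sketch that is not the authors' code: a distance threshold picks K, a BFOA-style chemotaxis loop refines the initial centers, and K-means clusters the records. The threshold rule, the single-bacterium chemotaxis, the sample points and the "largest cluster is normal" labelling are all assumptions, since the abstract gives no parameters.

```python
import math, random

# Constructed sample: 2 normalized features per connection record (not KDD99 data).
POINTS = [(0.10, 0.12), (0.12, 0.10), (0.08, 0.11), (0.11, 0.09), (0.09, 0.13),
          (0.13, 0.12), (0.90, 0.80), (0.88, 0.83), (0.92, 0.79)]

def threshold_centers(points, t):
    # Distance threshold: a point farther than t from every center opens a new cluster, so K comes from the data.
    centers = [points[0]]
    for p in points[1:]:
        if min(math.dist(p, c) for c in centers) > t:
            centers.append(p)
    return centers

def sse(points, centers):
    # Clustering cost: squared distance of each point to its nearest center.
    return sum(min(math.dist(p, c) for c in centers) ** 2 for p in points)

def chemotaxis(points, centers, steps=200, step=0.05, swim=4, seed=1):
    # Simplified BFOA chemotaxis (assumption: one bacterium, no reproduction or elimination-dispersal).
    rng = random.Random(seed)
    best, best_cost = [list(c) for c in centers], sse(points, centers)
    for _ in range(steps):
        direction = [[rng.uniform(-1, 1) for _ in c] for c in best]  # tumble
        for _ in range(swim):                                        # swim while cost falls
            cand = [[x + step * d for x, d in zip(c, dc)] for c, dc in zip(best, direction)]
            cost = sse(points, cand)
            if cost >= best_cost:
                break
            best, best_cost = cand, cost
    return best

def nearest(p, centers):
    return min(range(len(centers)), key=lambda i: math.dist(p, centers[i]))

def kmeans(points, centers, iters=20):
    for _ in range(iters):
        groups = [[] for _ in centers]
        for p in points:
            groups[nearest(p, centers)].append(p)
        centers = [[sum(col) / len(g) for col in zip(*g)] if g else c
                   for g, c in zip(groups, centers)]
    return centers, [nearest(p, centers) for p in points]

def detect(points, t):
    centers, labels = kmeans(points, chemotaxis(points, threshold_centers(points, t)))
    # Assumption: the largest cluster is normal traffic; every other cluster is flagged.
    normal = max(set(labels), key=labels.count)
    return len(centers), [lab != normal for lab in labels]
```

`detect(POINTS, 0.4)` yields K = 2 and flags the three outlying records; raising the threshold to 2.0 collapses the data to a single cluster, which shows how strongly the detection result depends on that one parameter.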