Intrusion detection method based on clonal network clustering
一种基于克隆网络聚类的入侵检测方法

Reasonable clustering analysis of data done by clonal network can be obtained when the strategy of immunity cloning is applied to network clustering.By expressing the magnanimity datum with a small-scale network,clonal network structure was adopted in training the intrusion detection so as to get the compressed data.What's more,the Minimal Spanning Tree in the term of Graph Theory was employed to perform clustering analysis on network structure and achieve the characterization of normal and abnormal data finally.This clustering algorithm can deal with network intrusion detection from mass unlabeled data,distinguish between normal and abnormal data and detect unknown attacks.The computer simulations on the KDD CUP99 dataset show that this algorithm can achieve higher detection rate of known or unknown attacks and lower false positive rate when compared with the previous algorithms.