With the rapid advancement of the Internet,network attack methods are constantly evolving and adapting.To better identify the network attack behavior,a universal gravitation clustering algorithm was proposed by analyz...With the rapid advancement of the Internet,network attack methods are constantly evolving and adapting.To better identify the network attack behavior,a universal gravitation clustering algorithm was proposed by analyzing the dissimilarities and similarities of the clustering algorithms.First,the algorithm designated the cluster set as vacant,with the introduction of a new object.Subsequently,a new cluster based on the given object was constructed.The dissimilarities between it and each existing cluster were calculated using a defined difference measure.Theminimumdissimilaritywas selected.Through comparing the proposed algorithmwith the traditional Back Propagation(BP)neural network and nearest neighbor detection algorithm,the application of the Defense Advanced Research Projects Agency(DARPA)00 and Knowledge Discovery and Data Mining(KDD)Cup 99 datasets revealed that the performance of the proposed algorithmsurpassed that of both algorithms in terms of the detection rate,speed,false positive rate,and false negative rate.展开更多
基金supported by the Fujian China University Education Informatization Project(FJGX2023013)National Natural Science Foundation of China Youth Program(72001126)+1 种基金Sanming University’s Research and Optimization of the Function of Safety Test Management and Control Platform Project(KH22097)Young and Middle-Aged Teacher Education Research Project of Fujian Provincial Department of Education(JAT200642,B202033).
文摘With the rapid advancement of the Internet,network attack methods are constantly evolving and adapting.To better identify the network attack behavior,a universal gravitation clustering algorithm was proposed by analyzing the dissimilarities and similarities of the clustering algorithms.First,the algorithm designated the cluster set as vacant,with the introduction of a new object.Subsequently,a new cluster based on the given object was constructed.The dissimilarities between it and each existing cluster were calculated using a defined difference measure.Theminimumdissimilaritywas selected.Through comparing the proposed algorithmwith the traditional Back Propagation(BP)neural network and nearest neighbor detection algorithm,the application of the Defense Advanced Research Projects Agency(DARPA)00 and Knowledge Discovery and Data Mining(KDD)Cup 99 datasets revealed that the performance of the proposed algorithmsurpassed that of both algorithms in terms of the detection rate,speed,false positive rate,and false negative rate.
