Abstract
As is known to all, the Internet is open and shared. These two characteristics make the Internet has a wealth of resources. However, they bring security risks to the Internet. One solution is to establish a security system that is relatively easy to achieve, and to establish the appropriate security assistance system in accordance with a certain security policy. In terms of computer security in the network environment, we need a kind of technology that can detect and report the unauthorized or abnormal phenomena in the system, that is, the intrusion detection technology. Data mining is a data analysis and processing technology which is a kind of widely used. Data mining technology can quickly and effectively analyze the big data, and find out the useful information and knowledge. Clustering analysis is an important tool in data mining, and clustering analysis is used to find the potential relationship between the data attributes. The k-means algorithm is a typical clustering algorithm that has the advantages of fast convergence speed and strong local search ability. But k- means algorithm has some defects, such as the sensitivity to the initial centre, easy to fall into local optimum. In order to improve the detection effect of intrusion detection system, this paper researches on the commonly used clustering and classification techniques in data mining. Then, in order to solve the problem that the detection result is affected by the initial clustering centre and number setting, we propose a k-means clustering algorithm based on genetic algorithm. Genetic algorithm has good global optimization ability, and the improved crossover operator and mutation operator can be used to generate a better chromosome. Finally, through the simulation of KDD CUP99 data set, the feasibility and validity of the proposed approach is verified. The experimental results show that this method improves the accuracy of clustering, speeds up the convergence rate, and enhances the stability of the algorithm.
