Title: Network intrusion detection method based on improved ant colony algorithm combined with cluster analysis in cloud computing environment

Authors: Xifeng Wang; Xiaoluan Zhang

Addresses: School of Computing, Baoji University of Arts and Sciences, Baoji, Shanxi, 721016, China ' School of Computing, Baoji University of Arts and Sciences, Baoji, Shanxi, 721016, China

Abstract: Aiming at the low detection accuracy of traditional clustering algorithm in intrusion detection under cloud computing platform, a network intrusion detection method based on improved ant colony algorithm combined with clustering analysis is proposed. The purpose of the ant colony clustering module is to distinguish most of the clusters belonging to the same type again by clustering algorithm. Each feature vector is used as the clustering centre to process and analyse them, so as to realise the separation of legal and illegal acts of network data as far as possible. Experiments on KDDcup99 data set show that the accuracy of the algorithm can achieve at 94.3% for DoS intrusion types and 94.1% for U2R intrusion types, which is higher than that of the contrast methods. It further proves that the proposed improved algorithm has a good clustering effect.

Keywords: network intrusion detection; ant colony algorithm; cluster analysis; genetic algorithm; abnormal data.

DOI: 10.1504/IJITM.2022.126702

International Journal of Information Technology and Management, 2022 Vol.21 No.4, pp.345 - 358

Received: 26 Apr 2019
Accepted: 28 Dec 2019

Published online: 03 Nov 2022 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article