Intrusion detection research based on outlier detection

An kernel clustering intrusion detection approach based on outlier detection is presented in this paper.The basic idea of the approach is to map the training data nonlinearly into a higher-dimensional feature space via a kernel function,to construct a separating hyperplane with maximum margin and to define a new distance measure in the feature space.With the classified data instances,anomaly data clusters can be easily identified by normal cluster ratio.And then the identified cluster can be used in real data detection.The benefits of the approach lie in that it is fast in convergence speed and accurate in clustering and it needn't labeled training data sets.Using the data sets of KDD99,the experiment result shows that this approach can detect intrusions efficiently in the real network connections.