Research on Gravity-Based Anomaly Intrusion Detection Algorithm

Analyzing distance-based and density-based outlier detection techniques, this paper introduces an idea based on gravity, which not only considers the distance between pairs of data points, but also pays attention to the density of a data object´s neighbors. We apply it to the anomaly intrusion detection and a new detection method named gravity-based anomaly intrusion detection algorithm (GAIDA) is presented. This algorithm check outliers in intrusion detection by figuring out the number of each cluster and the distance between objects and all clusters after the data set is clustered. This paper pays attention to the hybrid attributes of data objects including numerical attributes and categorical attributes in intrusion detection data set. They are processed with different methods, especially for categorical attribute data, it analyses their characteristics in detail and makes them standardized using vector respectively. Finally experiments are carried out with KDDCUP99 data set, feasibility and efficiency of GAIDA is proved by the experimental results.