Optimizing Fuzzy K-means for network anomaly detection using PSO

Intrusion detection has become an indispensable defense line in the information security infrastructure. The existing signature-based intrusion detection mechanisms are often not sufficient in detecting many types of attacks. K-means is a popular anomaly intrusion detection method to classify unlabeled data into different categories. However, it suffers from the local convergence and high false alarms. In this paper, two soft computing techniques, fuzzy logic and swarm intelligence, are used to solve these problems. We proposed SFK-means approach which inherits the advantages of K-means, Fuzzy K-means and Swarm K- means, simultaneously we improve the deficiencies. The most advantages of our SFK-means algorithm are solving the local convergence problem in Fuzzy K- means and the sharp boundary problem in Swarm K- means. The experimental results on dataset KDDCup99 show that our proposed method can be effective in detecting various attacks.