Optimization of malicious cluster detection based on IP blacklist association clustering algorithm

Clc Number:

TN929.5

    Abstract:

    Complex malicious activities on the Internet are carried out jointly by clusters of IP addresses. Finding malicious IP clusters by processing data collected from the network has become an important research direction. This paper proposes an IP blacklist association clustering algorithm (IPBACA). The algorithm first constructs an IP-IP undirected graph, then uses a statistical correlation measure to quantify the correlation between the IP blacklist and IPs, uses the given IP blacklist to find the best threshold for malicious clusters, and checks whether the standardized residuals meet the standard. It finally identifies malicious clusters with high precision. The simulation results show that, compared with the ICAMO, CAIIB and DABR algorithms, the proposed IPBACA algorithm significantly improves the four main performance indicators of precision, recall, F1 and normalized mutual information, and significantly improves the ability to detect malicious clusters.

Get Citation

Cite this article as: LIU Yun, XIAO Tian. Optimization of malicious cluster detection based on IP blacklist association clustering algorithm [J]. J Sichuan Univ: Nat Sci Ed, 2021, 58: 013003.

History
  • Received: September 16, 2019
  • Revised: May 20, 2020
  • Adopted: May 21, 2020
  • Online: January 20, 2021