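Anomaly detection methods for data streams are widely used in areas such as real-time monitoring and network intrusion detection. However, the continuous nature of data streams, together with constraints such as the particularity and timeliness of stream processing, means that traditional clustering algorithms are no longer applicable, so incremental clustering has become a research hotspot for data-stream anomaly detection. Building on improvements to two classes of incremental clustering methods, and addressing the low detection rate and relatively high false-positive rate of single incremental clustering, this paper proposes a data-stream anomaly detection method based on combined incremental clustering. The method takes the improved incremental clustering algorithms as its basis and designs an effective consensus function to fuse the results of multiple clustering algorithms. Experimental results show that the improved clustering algorithms are markedly more efficient in processing and are suitable for incremental clustering, and that the proposed combined incremental clustering achieves better clustering performance than single clustering methods.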
Anomaly detection in data streams has attracted considerable attention due to its applications, including real-time surveillance and network intrusion detection. However, traditional clustering is no longer suitable because of the particularity and timeliness of data-stream processing and the continuous nature of the data flow. Therefore, incremental clustering has become a research hotspot for anomaly detection in data streams. An anomaly detection model for data streams is proposed based on two improved incremental clustering methods, aimed at the problems of low efficiency, high false positives and lack of pertinence of single clustering. The method is based on improved incremental clustering, and an effective consensus function is designed to merge the results of a variety of clustering algorithms. The experimental results show that the improved clustering algorithms are applicable to incremental clustering and that they have better efficiency and better clustering results than a single clustering method.