A clustering-based and supervised intrusion detection method, named CBSID (Clustering-based and Supervised Interu-sion Detection) with new distance defination is proposed in this paper. CBSID clusters training data by the label and the results of clustering are used as classification model to predict which cluster the current data belongs to. The method is robust to the cluster parameter and the input sequence of data. The classifiaction model may be incremental updated. Compared with the most existing supervised intrusion detection methods, this method can detect unknown intrusions. The exper...