Abstract: Aiming at the problem for labeled data that intrusion detection algorithms based on supervised learning, the ASCID algorithm for intrusion detection based on semi-supervised is proposed in this paper, by appling active learning strategy to semi-supervised clustering process.Active learning queries constrains on labeled data and unlabeled data, which uses minimal labeled data to generate the correct sample data model and guide lots of unlabelled data clustering, the algorithm performance is improved by use an improved K-nearest neighbor algorithm to further define the type of unlabeled data after clustering.Finally, the experiment results show the feasibility and validity of the algorithm.