Toward intrusion detection via cluster structure-based adaptive synthetic sampling approach

Affiliation:

1. Hunan Provincial Key Laboratory of Intelligent Computing and Language Information Processing, Hunan Normal University, Changsha 410081, China; 2. School of Automation, Central South University, Changsha 410083, China

Corresponding author:

E-mail: xianfengliu_hunnu@163.com.

CLC number:

TP273

Fund Project:

National Natural Science Foundation of China (61971188); Natural Science Foundation of Hunan Province (2018JJ3349); Outstanding Youth Project of the Hunan Provincial Education Department (19B364); Hunan Province Intellectual Property Strategy Promotion Special Project (2019F012K); Hunan Province Postgraduate Research Innovation Project (CX20190415).

Abstract:

Machine learning-based network intrusion detection recasts the detection of malicious network behavior (intrusions) as a pattern recognition (classification) problem, and it has attracted extensive attention in China and abroad for its strong adaptability and high sensitivity. However, existing pattern classifiers generally assume that the distribution of the data set is balanced, whereas in a real network environment intrusions are far rarer than normal accesses, which poses a major challenge for intrusion detection. This paper therefore proposes a cluster structure-based adaptive synthetic sampling approach (CSbADASYN), which adaptively oversamples the minority classes by mining the internal structure of the minority-class samples, yielding balanced data that preserves the structure of the sample distribution and resolving the classification bias caused by imbalanced data. CSbADASYN first applies spectral clustering to the minority-class samples in the data set, then interpolates adaptively according to the resulting cluster structure, and uses the balanced, distribution-preserving samples to train the classifier model. Extensive verification and comparative experiments are carried out on the classic NSL-KDD and KDD99 data sets. The results show that CSbADASYN significantly improves the classification performance of traditional classifier models on imbalanced data sets. Compared with traditional intrusion detection methods without sample balancing and with other methods that include balancing, the approach achieves lower false positive and false negative rates.

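Cite this article

Liu Jinping, Zhou Jiaming, Liu Xianfeng, et al. Toward intrusion detection via cluster structure-based adaptive synthetic sampling approach[J]. Control and Decision, 2021, 36(8): 1920-1928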

History
  • Published online: 2021-07-13
  • Publication date: 2021-08-20