Traffic Attributes Correlation Mechanism based on Self-Organizing Maps for Real-Time Intrusion Detection
Authors
Abstract
Similar resources
Real-Time intrusion detection alert correlation and attack scenario extraction based on the prerequisite consequence approach
Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time. The proposed method is based on a causal approach due to the strength of causal methods in ...
NSOM: A Real-Time Network-Based Intrusion Detection System Using Self-Organizing Maps
In this paper we describe an implementation of a network based Intrusion Detection System (IDS) using Self-Organizing Maps (SOM). The system uses a structured SOM to classify real-time Ethernet network data. A graphical tool continuously displays the clustered data to reflect network activities. Different system parameters such as data collection, data preprocessing and classifier structure are...
Dynamic Intrusion Detection Using Self-Organizing Maps
A system is described for applying hierarchical unsupervised neural networks (self organizing feature maps) to the intruder detection problem. Specific emphasis is given to the representation of time and the incremental development of a hierarchy. Preliminary results are given for the DARPA 1998 Intrusion Detection Problem.
Intrusion Detection Using Emergent Self-organizing Maps
In this paper, we analyze the potential of using Emergent Self-Organizing Maps (ESOMs) based on Kohonen Self-Organizing Maps in order to detect intrusive behaviours. The proposed approach combines machine learning and information visualization techniques to analyze network traffic and is based on classifying “normal” versus “abnormal” traffic. The results are promising as they show the ability ...
Host-Based Intrusion Detection Using Self-Organizing Maps
Hierarchical SOMs are applied to the problem of host based intrusion detection on computer networks. Unlike systems based on operating system audit trails, the approach operates on real-time data without extensive off-line training and with minimal expert knowledge. Specific recommendations are made regarding the representation of time, network parameters and SOM architecture.
Journal
Journal title: The KIPS Transactions:PartC
Year: 2005
ISSN: 1598-2858
DOI: 10.3745/kipstc.2005.12c.5.649