Intrusion Detection System Using Self Organizing Map
نویسندگان
چکیده
The goal of the article is to presents intrusion detections systems and design architecture of intrusion detection based on neural network self organizing map. In the report is described base problematic of neural network and intrusion detection system. The article further deals with specific design of intrusion detection architecture based on user anomaly behavior. A core of the designed architecture represents neural network SOM, which classifies monitored user behavior and determines possible intrusion of monitored computer system. Result of the designed architecture is simulations in real conditions. Acquired results of simulation assign expediencies of using neural network SOM in the intrusion detection systems.
منابع مشابه
DB-OLS: An Approach for IDS
An intrusion detection system plays a major role in network security. We propose a model “DB-OLS: An Approach for IDS” which is a Deviation Based-Outlier approach for Intrusion detection using Self Organizing Maps. In this model “Self Organizing Map” approach is to be used for behavior learning and “Outlier mining” approach, for detecting an intruder by calculating deviation from known user pro...
متن کاملImproving Self Organizing Map Performance for Network Intrusion Detection
The continuous evolution of the types of attacks against computer networks suggests a paradigmatic shift from misuse based intrusion detection system to anomaly based systems. Unsupervised learning algorithms are natural candidates for this task, but while they have been successfully applied in host-based intrusion detection, network-based applications are more difficult, for a variety of reaso...
متن کاملDynamic Intrusion Detection Using Self-Organizing Maps
A system is described for applying hierarchical unsupervised neural networks (self organizing feature maps) to the intruder detection problem. Specific emphasis is given to the representation of time and the incremental development of a hierarchy. Preliminary results are given for the DARPA 1998 Intrusion Detection Problem.
متن کاملPoseidon: a 2-tier Anomaly-based Intrusion Detection System
We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system [22]. Our benchmarks on the 1999 DARPA data set [15] show a higher detection rate and lower number of false positives than PAYL and PHAD.
متن کاملAn Intrusion Detection Method Based on Improved Growing Hierarchical Self-Organizing Map
Growing hierarchical self-organizing map (GHSOM), as a kind of topology map, is an effective method to process large scale data. It not only enjoys the advantages of self-organizing map (SOM), but also owns its special multi-layer hierarchical structure which is easy to reveal the hierarchical structure behind the input data by using GHSOM. Though GHSOM has made great progress on the improvemen...
متن کامل