Intrusion Detection at Packet Level by Unsupervised Architectures
نویسندگان
چکیده
Intrusion Detection Systems (IDS’s) monitor the traffic in computer networks for detecting suspect activities. Connectionist techniques can support the development of IDS’s by modeling ‘normal’ traffic. This paper presents the application of some unsupervised neural methods to a packet dataset for the first time. This work considers three unsupervised neural methods, namely, Vector Quantization (VQ), Self-Organizing Maps (SOM) and Auto-Associative Back-Propagation (AABP) networks. The former paradigm proves quite powerful in supporting the basic space-spanning mechanism to sift normal traffic from anomalous traffic. The SOM attains quite acceptable results in dealing with some anomalies while it fails in dealing with some others. The AABP model effectively drives a nonlinear compression paradigm and eventually yields a compact visualization of the network traffic progression.
منابع مشابه
MLH-IDS: A Multi-Level Hybrid Intrusion Detection Method
With the growth of networked computers and associated applications, intrusion detection has become essential to keeping networks secure. A number of intrusion detection methods have been developed for protecting computers and networks using conventional statistical methods as well as data mining methods. Data mining methods for misuse and anomaly-based intrusion detection, usually encompass sup...
متن کاملA New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks
By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...
متن کاملFlow Based Intrusion Detection and Prevention By Adaptive Network Learning
With the emergence of global connectivity with expansion of computer networks during the past decade, security threats in network have become a crucial issue for computer systems. Nowadays, it is very important to retain a high level security to ensure safe and trusted communication for information exchange across the network. Different softcomputing based methods and tools have been proposed i...
متن کاملNetwork Anomaly Detection Using Unsupervised Model
Most existing network intrusion detection systems use signature-based methods which depend on labeled training data. This training data is usually expensive to produce due to cost of laboratory set up, experienced or knowledge person and non availability of ready software tool. Above all, these methods have difficulty in detecting new or unknown types of attacks. Using unsupervised anomaly dete...
متن کاملMachine Learning for Network Intrusion Detection
In recent years, networks have become an increasingly valuable target of malicious attacks due to the increased amount of user data they contain. In defense, Network Intrusion Detection Systems (NIDSs) have been developed to detect and report suspicious activity (i.e. an attack). In this project, we explore unsupervised learning techniques for building NIDs, which only analyze unencrypted packe...
متن کامل