An Intrusion Detection System Based on Hierarchical Self-Organization
نویسندگان
چکیده
An intrusion detection system (IDS) monitors the IP packets flowing over the network to capture intrusions or anomalies. One of the techniques used for anomaly detection is building statistical models using metrics derived from observation of the user's actions. A neural network model based on self organization is proposed for detecting intrusions. The selforganizing map (SOM) has shown to be successful for the analysis of high-dimensional input data as in data mining applications such as network security. The proposed growing hierarchical SOM (GHSOM) addresses the limitations of the SOM related to the static architecture of this model. The GHSOM is an artificial neural network model with hierarchical architecture composed of independent growing SOMs. Randomly selected subsets that contain both attacks and normal records from the KDD Cup 1999 benchmark are used for training the proposed
منابع مشابه
Entropy Based Fuzzy Rule Weighting for Hierarchical Intrusion Detection
Predicting different behaviors in computer networks is the subject of many data mining researches. Providing a balanced Intrusion Detection System (IDS) that directly addresses the trade-off between the ability to detect new attack types and providing low false detection rate is a fundamental challenge. Many of the proposed methods perform well in one of the two aspects, and concentrate on a su...
متن کاملEvaluation of an Intrusion Detection System for Routing Attacks in Wireless Self-organised Networks
Wireless Sensor Networks (WSNs) arebecoming increasingly popular, and very useful in militaryapplications and environmental monitoring. However,security is a major challenge for WSNs because they areusually setup in unprotected environments. Our goal in thisstudy is to simulate an Intrusion Detection System (IDS)that monitors the WSN and report intrusions accurately andeffectively. We have thus...
متن کاملAn Intrusion Detection Method Based on Improved Growing Hierarchical Self-Organizing Map
Growing hierarchical self-organizing map (GHSOM), as a kind of topology map, is an effective method to process large scale data. It not only enjoys the advantages of self-organizing map (SOM), but also owns its special multi-layer hierarchical structure which is easy to reveal the hierarchical structure behind the input data by using GHSOM. Though GHSOM has made great progress on the improvemen...
متن کاملA Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
متن کاملDynamic Intrusion Detection Using Self-Organizing Maps
A system is described for applying hierarchical unsupervised neural networks (self organizing feature maps) to the intruder detection problem. Specific emphasis is given to the representation of time and the incremental development of a hierarchy. Preliminary results are given for the DARPA 1998 Intrusion Detection Problem.
متن کامل