Analysis of neural networks usage for detection of a new attack in IDS

Generally, Intrusion Detection Systems (IDS) work using two methods of identification of attacks: by signatures, that are specific defined elements of the network traffic possible to identify and by anomalies being some deviation form of the network behaviour assumed as normal. Recently, some attempts have been made to implement artificial intelligence method for detection of attacks. Many such implementations use for testing and learning process the data set provided by KDD (Knowledge Discovery and Data Mining Competition) project in 1999. Unfortunately, KDD99 data set was created more than eight years ago and during this time many new attacks have been discovered. In this paper we present our research on updating KDD99 data with traces of attacks of new types. After updating, the data set was used for training and testing MLP (Multi Layer Perceptron) neural network architecture IDS.